Malware Analysis - Unpacking RunPE Loyeetro Trojan
Published on Aug 8, 2017
We look at signs that this sample is packed and how we can see that it uses RunPE to inject the packed code into its own process.
We unpack the sample with x64dbg and HxD.
Follow me on Twitter: @struppigel
And MalwareBlocker: @Malware_Blocker
Sample: https://www.hybrid-analysis.com/sampl...
HxD: https://mh-nexus.de/en/hxd/
x64dbg: https://x64dbg.com/