09.06
Reverse engineering is the weapon of choice when it comes to malware unpacking and analysis. It gives us an inside look into malware creations and enables us to understand their ins and outs. One such malicious sample was sent to us today for analysis. The file in question is an update for a rogue anti-virus solution, and it uses interesting encryption and packing options to hide its presence from legitimate security software. For today's blog, we demonstrate the actions needed to remove the protections used by malicious software in order to get to the core malware functionality. Until next week...