Before we dive into the concept of DLL injection, it's important to know the basics, so let's start with: what is a DLL, and why are DLLs used so widely? A Dynamically Linked Library, or DLL, is a file written to add features to an application. DLLs contain code and data that can be used...
Packed Exception
Hope you all enjoyed playing InCTF 2018. We had a variety of challenges this year. This year I made the challenge Packed Exception along with @k4iz3n (I think I should have added an Avengers spoiler alert!! tag in the description :P). Source code of the challenge can be downloaded from this link: Packed...
Different Visual C/C++ calling conventions
Visual C++ provides different calling conventions based on users' requirements for calling internal as well as external functions. Some of the widely used conventions are __cdecl, __stdcall, __fastcall and __thiscall. We will be discussing how these calling conventions differ on the basis of how the arguments are passed, how the stack is cleared after the...
Analysis Report: MirageFox
History: The China-linked APT15 (aka Mirage, Royal APT, Playful Dragon, ...) group has been active since at least 2010. They conducted cyber espionage campaigns against targets in the defense, high tech, energy, government, aerospace and manufacturing industries worldwide. The attackers demonstrated an increasing level of sophistication across the years; they used custom malware and various exploits...
Summarizing Unpacking Virtualization Obfuscators by Rolf Rolles
In this article we will explain virtualization obfuscators: why they are so widely used by malware, how they differ from normal obfuscators, and a step-by-step approach to deobfuscating them. Introduction: Nowadays almost every malware sample is protected using some method, and that protection has to be removed in order to even begin with advanced...