pe header | DataProtectionCenter.com

Extracting Digital Signatures from Signed Malware, (Sat, May 11th)

12

May

2013

Sometimes attackers digitally sign their malicious software. Examining properties of the signature helps malware analysts understand the context of the incident. Moreover, analysts could use the signature as an indicator of compromise. Here are some tips and tools for determining whether a suspicious Windows executable has been signed and for extracting the embedded signature in […]

Category Security Written by SANS Internet Storm Center, InfoCON: green 0 Comments

High profile site scares users

29

Apr

2013

We come across a plenty of malware reports every day. Sometimes we have to deal with some special cases, where a respected vendor is involved. This time it was the Dell driver download site. Download siteThe “Download file” link leads to this unexpected screen (our user complained about a false positive): What a surprise?!Well, being […]

Category General Written by Avast! blog 0 Comments

Unpacking Malware Requires Searching for Zero Padding

19

Feb

2013

Recently we experimented with our generic unpacking heuristics. Our goal was to unpack a potentially malicious binary and dump the executable from memory to a file. During our experiments we saw a few unknown packers from which we successfully unpacked the binary; with these, however, we dumped the memory but we missed some code in […]

Category General Written by Blog Central > McAfee Labs 0 Comments

The Latest in IT Security

Posts Tagged ‘pe header’

Extracting Digital Signatures from Signed Malware, (Sat, May 11th)

High profile site scares users

Unpacking Malware Requires Searching for Zero Padding

Categories

Featured

Archives

Latest Comments

About Us

Contact Us