Posts Tagged ‘relocation’

Unpacking Malware Requires Searching for Zero Padding

Feb

2013

Recently we experimented with our generic unpacking heuristics. Our goal was to unpack a potentially malicious binary and dump the executable from memory to a file. During our experiments we saw a few unknown packers from which we successfully unpacked the binary; with these, however, we dumped the memory but we missed some code in […]

Category General Written by Blog Central > McAfee Labs 0 Comments

There’s nothing old school about viruses

Aug

2012

Recently, we discovered a new parasitic infection virus in the wild – Win32/Floxif – which specifically targets DLL files. Most of the attacks of this threat have been observed to come from a specific geographic region. Win32/Floxif replaces 5 bytes at the entry point of the infected file with a jmp instruction, which jumps directly […]

Category General Written by Microsoft Malware Protection Center 0 Comments

XPAJ out with EPO & complex encryption

Sep

2011

The new variant of W32.Xpaj is in the wild which uses Entry Point Obfuscation (EPO) technique to infect the Windows executable files. This variant is one of the most complex polymorphic infector seen till date. It overwrites any random subroutine from executable with its own code and redirects few call instructions to point to its […]

Category General Written by Quick Heal Weblog 0 Comments

The Latest in IT Security

Posts Tagged ‘relocation’

Unpacking Malware Requires Searching for Zero Padding

There’s nothing old school about viruses

XPAJ out with EPO & complex encryption

Categories

Featured

Archives

Latest Comments

About Us

Contact Us