Malware Analysis - Unpacking RunPE Loyeetro Trojan
#1

Published on Aug 8, 2017
We look at signs that this sample is packed and how we can see that it uses RunPE to inject the packed code into its own process.
We unpack the sample with x64dbg and HxD.

Follow me on Twitter: @struppigel
And MalwareBlocker: @Malware_Blocker

Sample: https://www.hybrid-analysis.com/sampl...
HxD: https://mh-nexus.de/en/hxd/
x64dbg: https://x64dbg.com/