Author: maskop9

Analysis of NetWiredRC trojan
Date: 30th January 2019 Categories: Malware Analysis, Reverse Engineering

NetWiredRC is a trojan used by the APT33 group that allows unauthorized remote access to and control of an affected computer. An attacker can perform more than 100 different actions on an infected computer using this remote access tool. This article includes an analysis of the entire command-and-control structure of the malware. In this specific version of…

Manually unpacking executables using OLLYdbg and ImportREC
Date: 11th September 2018 Categories: Malware Analysis, Reverse Engineering

In this blog post I am going to show you how to manually unpack any packed executable. Malware authors and commercial software authors pack their executables to make them unreadable and to make it difficult for analysts and reverse engineers to analyse and reverse the application. But anyhow the application will have to unpack itself in…

Reverse Engineering : For Loops, Switch statements and their representation
Date: 2nd May 2018 Categories: Reverse Engineering

In this blog, we will be looking at how loops are represented in low-level assembly language. Here we will take some simple to complex programs in a higher-level language like C/C++ and compile them to create an executable. We will then disassemble the executable to analyse how different loops are represented or optimized by…
