Zombieware Part 2 - Reverse Engineering The COSMU File Infector (Patreon)

Part two of our live stream looking at Zombieware and in this part we fully reverse engineer the file infector COSMU and build an extractor tool to recover files that have been infected by it.

Samples

• 225715681d8cdf51c5f178e4f4cc67c05608e44cb3d625c108f92caebe4d719b [UnpacMe]

• 00e0ea6fa8a039786efa9457bbb9b6f13398c256a9bc0eeb71392c2b6657250b [UnpacMe]

Notes

COSMU File Infector - Extracting hitchhikers from this 10 year old file infector