Twitch live stream VOD. We generate IDA Pro FLIRT / FLAIR signatures for the mbedtls library in Night Sky ransomware and begin reverse engineering. Once we have a nice IDB, we use BinDiff to compare Night Sky against Rook ransomware and confirm they are from the same code base.

Sample available on Malshare:

8c1a72991fb04dc3a8cf89605fb85150ef0e742472a0c58b8fa942a1f04877b0

Clean unpacked payload (fixed OEP):

ff5757086c464d624f4a6674d65409fb6fa84ad5ac089583ebc994ba949458d7

Lab Notes:

NightSky Ransomware

Files

Live Stream VOD: Night Sky Ransomware FLAIR / FLIRT Signatures in IDA PRO and BinDiff With Rook Ransomware (by OALABS on Vimeo)
