Live Stream VOD: Using Angr Symbolic Execution to Remove Control Flow Obfuscation From Pandora Ransomware (Patreon)
Published: 2022-04-01 22:11:20
Imported: 2022-12
Content
In this Twitch stream we use Angr symbolic execution and IDA scripts to remove the control flow flattening obfuscation from Pandora Ransomware.
Sample
5b56c5d86347e164c6e571c86dbf5b1535eae6b979fede6ed66b01e79ea33b7b
Unpacked sample (we will be using this as our example)
2619862c382d3e375f13f3859c6ab44db1a4bce905b4a617df2390fbf36902e7
Our notes (with working code) are split between two notebooks.
Pandora Ransomware Notes (unpacking and initial analysis)
Angr Control Flow Deobfuscation (symbolic execution code)