
Content

In this Twitch stream we take a look at Rhadamanthys, a stealer malware that uses multiple stages of shellcode to protect its payload.

We start out unpacking the first stage but end up spending a lot of time trying to make a simple PEB walk look nice in IDA using Shifted Pointers. This is one tip that we shouldn't soon forget! 

Sample

dca16a0e7bdc4968f1988c2d38db133a0e742edf702c923b4f4a3c2f3bdaacf5 

Notes

Rhadamanthys 

PEB Walk _LDR_DATA_TABLE_ENTRY and Shifted Pointers in IDA 


Files

Live Stream VOD: Rhadamanthys Part 1 - Stage 1 Shellcode and Shifted Pointers (by OALABS, on Vimeo)