API Deobfuscator - Resolving Obfuscated API Functions in Modern Packers

Overview

Explore techniques for deobfuscating API functions in modern packers during this 42-minute Black Hat conference talk. Learn about static and dynamic API obfuscation methods used by malware to hinder analysis. Discover a novel approach using memory access analysis to map obfuscated API functions to their original counterparts, overcoming limitations of pattern matching and code optimization techniques. Examine the iterative run-until-API method for handling static obfuscation, leveraging dynamic binary instrumentation with Intel Pin to identify real API functions without full system emulation. Gain insights into applying these deobfuscation techniques to Themida 32/64 packed binaries, enabling analysis with common reverse engineering tools like x64dbg, Ollydbg, and IDA Pro.

Syllabus

API Deobfuscator: Resolving Obfuscated API Functions In Modern Packers

Taught by

Black Hat

Reviews

Start your review of API Deobfuscator - Resolving Obfuscated API Functions in Modern Packers

Coursera Cuts Jobs Despite $100M Revenue Milestone

Most common

Popular subjects

Popular courses

API Deobfuscator - Resolving Obfuscated API Functions in Modern Packers

Overview

Syllabus

Taught by

Reviews

Coursera Cuts Jobs Despite $100M Revenue Milestone

Taught by

API Deobfuscator - Identifying Runtime-Obfuscated API Calls Via Memory Access Analysis

Backward-Bounded DSE - Targeting Infeasibility Questions on Obfuscated Codes

Deobfuscate UEFI - BIOS Malware and Virtualized Packers

A Review of Modern Code Deobfuscation Techniques

Pindemonium - A DBI-Based Generic Unpacker for Windows Executable

Invoke-DOSfuscation - Techniques for CMD Obfuscation

7 Best Reverse Engineering Courses for 2024

Never Stop Learning.