Distributing the Reconstruction of High-Level Intermediate Representation

Explore advanced techniques for distributed reverse engineering of malware using intermediate representation in a clustered environment. Delve into methods for constructing higher-level abstractions of malware code from abstract syntax trees provided by Hex-Rays Decompiler. Learn how to extract key characteristics like domain generation algorithms, custom encryption, and configuration data parsers. Examine the analysis of 2 million malware samples, providing insights to improve malware analysis and threat intelligence initiatives. Discover how to leverage this rich dataset for comparing new samples against millions of existing ones. Gain access to the developed Hex-Rays Decompiler plugin, analysis tools, and automation techniques used in this research, all of which will be made available on Github.