Automating Qakbot Malware Analysis with Binary Ninja
Malware Analysis, News and Indicators - Latest topics malware.news
Overview

We recently finished a stream series where we wrote a static unpacker and deobfuscation scripts for 64-bit Qakbot samples using Binary Ninja. Binary Ninja is a powerhouse reverse engineering suite that provides a plethora of functionality useful for reverse engineering malware. It has a robust Python API for interacting with the abstractions (semantic representations) generated by its multiple levels of Binary Ninja Intermediate Languages (BNILs). These abstractions result in large simplifications of disassembled instructions into intrinsic functions and …