all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

AV Emulation Detection Tricks Used by Malware

Add to bookmarks
July 27, 2023, 12:23 a.m. | OALabs

OALabs www.youtube.com

Tricks that malware developers use to detect antivirus emulators and how these differ from the sandbox emulators we use from our recent Twitch stream.

Alexie's Windows Defender research with some insights into the emulation engine used...

https://recon.cx/2018/brussels/resources/slides/RECON-BRX-2018-Reverse-Engineering-Windows-Defender-s-JavaScript-Engine.pdf

https://i.blackhat.com/us-18/Thu-August-9/us-18-Bulazel-Windows-Offender-Reverse-Engineering-Windows-Defenders-Antivirus-Emulator.pdf

https://github.com/0xAlexei/WindowsDefenderTools

-----
OALABS PATREON
https://www.patreon.com/oalabs

OALABS DISCORD
https://discord.gg/6h5Bh5AMDU

Twitch
https://www.twitch.tv/oalabslive

OALABS GITHUB
https://github.com/OALabs

UNPACME - AUTOMATED MALWARE UNPACKING
https://www.unpac.me/#/
-----

antivirus automated defender detect detection developers discord emulation engine github insights malware malware developers patreon research sandbox stream twitch twitch stream unpacking windows windows defender

Visit resource

More from www.youtube.com / OALabs

Introduction to YARA Part 4 - Efficient Rule Development 3 months, 2 weeks ago | www.youtube.com
automated can development discord +16
Introduction to YARA Part 3 - Rule Use Cases 3 months, 2 weeks ago | www.youtube.com
analysis blueteam cases fun +16
Introduction to YARA Part 2 - Hunting on UnpacMe 3 months, 2 weeks ago | www.youtube.com
automated discord github malware +4
Introduction to YARA Part 1 - What is a YARA Rule 3 months, 2 weeks ago | www.youtube.com
automated basics discord github +10
OALABS Holiday Variety Show 2023 4 months, 1 week ago | www.youtube.com
automated banter christmas discord +10
Tips For Analyzing Delphi Binaries in IDA (Danabot) 4 months, 2 weeks ago | www.youtube.com
analysis danabot don easier +9
How To Recognize Macro Encrypted Strings in Malware 5 months ago | www.youtube.com
automated disassembly discord encrypt +9
Direct vs. Indirect Syscalls What Is All The HYPE?! 6 months, 1 week ago | www.youtube.com
automated call care debates +14
Are Red Team Tools Helping or Hurting Our Industry? 6 months, 1 week ago | www.youtube.com
automated call debates discord +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Senior Software Engineer, Security

@ Niantic | Zürich, Switzerland
View on infosec-jobs.com

Consultant expert en sécurité des systèmes industriels (H/F)

@ Devoteam | Levallois-Perret, France
View on infosec-jobs.com

Cybersecurity Analyst

@ Bally's | Providence, Rhode Island, United States
View on infosec-jobs.com

Digital Trust Cyber Defense Executive

@ KPMG India | Gurgaon, Haryana, India
View on infosec-jobs.com

Program Manager - Cybersecurity Assessment Services

@ TestPros | Remote (and DMV), DC
View on infosec-jobs.com
View more jobs