Resolving Stack Strings with Capstone Disassembler & Unicorn in Python
Malware Analysis, News and Indicators - Latest topics malware.news
It’s not uncommon to come across some kind of string encryption functionality within malware samples, often more complex than a single-byte XOR operation, which can easily be brute-forced.
By encrypting strings, malware authors can potentially lower the detection rate of anti-malware software by obscuring strings that may be identified as “malicious”, such as strings indicating malicious functionality, registry keys or file paths linked to malicious activity, and so on. Additionally, encrypting strings can go a long …