all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The Basics of Overlays in PE Files

Add to bookmarks
Jan. 6, 2023, 7 p.m. | Dr Josh Stroschein

Dr Josh Stroschein www.youtube.com

Malware authors will often abuse the structure of the portable executable (PE) file format to avoid detection and hide additional resources. Overlays are one such example of a legitimate PE file feature that is often abused. In this video, I'll cover the basics of overlays in PE files. We'll look at a couple of sample binaries, use Detect-it-Easy and PEStudio to identy information about the overlays, as well as look at the structure of these PE files using a hex-editor. …

abuse authors basics detect detection file files hide information malware overlays portable portable executable resources video

Visit resource

More from www.youtube.com / Dr Josh Stroschein

🔴 Malware Mondays Episode 02 - Investigating Processes with Process Explorer and System Informer 2 weeks, 5 days ago | www.youtube.com
basics episode explorer focus +10
MM#02 - Uncover Program Behavior! Build a Sample Program to Investigate w/ Process Explorer | … 3 weeks, 3 days ago | www.youtube.com
basics build episode explorer +12
Malware Mondays?!? Learn more 1 month ago | www.youtube.com
learn malware
Malware Mondays Episode 01 - Identifying Malicious Activity in Process Monitor (ProcMon) Data 1 month, 1 week ago | www.youtube.com
artifact data goal learn +11
MM#01 - How to Capture Malicious Activity with Process Monitor! Using ProcMon with Amadey Malware 1 month, 3 weeks ago | www.youtube.com
amadey artifacts capture data +11
Malware Mondays Episode 01 - Identifying Malicious Activity in Process Monitor (ProcMon) Data 1 month, 3 weeks ago | www.youtube.com
artifact data goal learn +11
Why Do You Need to Know Assembly to Use IDAPro or Ghidra? Exploring disassembly and … 1 month, 3 weeks ago | www.youtube.com
assembly disassembly effectively ghidra +9
Ease Shellcode Analysis with SCLauncher! Learn how-to wrap shellcode into a PE file 2 months ago | www.youtube.com
analysis debugging development easy +18
Customizing FakeNet-NG for Malicious Document Analysis! How to modify the web root 2 months, 1 week ago | www.youtube.com
analysis can default dive +16

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Brand Experience and Development Associate (Libby's Pumpkin)

@ Nestlé | Arlington, VA, US, 22209
View on infosec-jobs.com

Cybersecurity Analyst

@ L&T Technology Services | Milpitas, CA, US
View on infosec-jobs.com

Information Security Analyst

@ Fortinet | Burnaby, BC, Canada
View on infosec-jobs.com