Categories

Tips For Writing a .NET Static Config Extractor for Malware [ Reverse Engineering AMA ]

Published: 30 December 2022
on channel: OALabs
831
29

What are some tips for dealing with static config extraction of .NET malware?

--

Big thanks to all the reverse engineers who helped us put this together!

Rattle (Jesko)
  / huettenhain  
https://github.com/binref/refinery

Jordan (psifertex)
  / psifertex  
https://binary.ninja/

Karsten
  / struppigel  
   / malwareanalysisforhedgehogs  

Drakonia
  / dr4k0nia  
https://dr4k0nia.github.io/

C3rb3ru5
  / c3rb3ru5d3d53c  
https://c3rb3ru5d3d53c.github.io/

Josh
  / jershmagersh  
https://pwnage.io/

Dodo
  / dodo_sec  
https://github.com/dodo-sec

Washi
  / washi_dev  
https://washi.dev/

-----
OALABS PATREON
  / oalabs  

OALABS DISCORD
  / discord  

Twitch
  / oalabslive  

OALABS GITHUB
https://github.com/OALabs

UNPACME - AUTOMATED MALWARE UNPACKING
https://www.unpac.me/#/
-----

Watch video Tips For Writing a .NET Static Config Extractor for Malware [ Reverse Engineering AMA ] online without registration, duration hours minute second in high quality. This video was added by user OALabs 30 December 2022, don't forget to share it with your friends and acquaintances, it has been viewed on our site 831 once and liked it 29 people.

play_arrow
785
38

Tracking a MASSIVE Buck 800+ Yards from ONE DROP of Blood!

Tracking a MASSIVE Buck 800+ Yards from ONE DROP of Blood!
play_arrow
310
10

Round the Corners of Video or Image | Alight Motion Tutorial

Round the Corners of Video or Image | Alight Motion Tutorial
play_arrow
3,191
147

16' Explorer LASD | LASD Streife | GTA 5 LSPDFR | (Deutsch/German)

16' Explorer LASD | LASD Streife | GTA 5 LSPDFR | (Deutsch/German)
play_arrow
9,064
464

What is Compression in Music Production?

What is Compression in Music Production?
play_arrow
193
17

((= داستان فضایی رزومه نوشتن من

((= داستان فضایی رزومه نوشتن من
play_arrow
102
10

Pata de Gallina hand embroidery Workshop by Carmen Marquez & Evie Martinez

Pata de Gallina hand embroidery Workshop by Carmen Marquez & Evie Martinez
play_arrow
38,022
831

GPT4 Can Create Responsive Layouts from Ascii

GPT4 Can Create Responsive Layouts from Ascii
play_arrow
432
8

Necessary and Sufficient Conditions for Deadlock - OS

Necessary and Sufficient Conditions for Deadlock - OS
Related
play_arrow
Zombieware

Zombieware
play_arrow
Introduction to YARA Part 2 - Hunting on UnpacMe

Introduction to YARA Part 2 - Hunting on UnpacMe
play_arrow
Introduction to YARA Part 3 - Rule Use Cases

Introduction to YARA Part 3 - Rule Use Cases
play_arrow
Introduction to YARA Part 4 - Efficient Rule Development

Introduction to YARA Part 4 - Efficient Rule Development
play_arrow
Introduction to YARA Part 1 - What is a YARA Rule

Introduction to YARA Part 1 - What is a YARA Rule
play_arrow
Tips For Analyzing Delphi Binaries in IDA (Danabot)

Tips For Analyzing Delphi Binaries in IDA (Danabot)
play_arrow
How To Recognize Macro Encrypted Strings in Malware

How To Recognize Macro Encrypted Strings in Malware
play_arrow
Direct vs. Indirect Syscalls What Is All The HYPE?! [OALABS Call-In Show]

Direct vs. Indirect Syscalls What Is All The HYPE?! [OALABS Call-In Show]
play_arrow
Are Red Team Tools Helping or Hurting Our Industry? [OALABS Call-In Show]

Are Red Team Tools Helping or Hurting Our Industry? [OALABS Call-In Show]
play_arrow
Reverse Engineering With Unicorn Emulation

Reverse Engineering With Unicorn Emulation
play_arrow
Emulation Fundamentals - Writing A Basic x86 Emulator

Emulation Fundamentals - Writing A Basic x86 Emulator
play_arrow
AV Emulation Detection Tricks Used by Malware

AV Emulation Detection Tricks Used by Malware
play_arrow
Tips to Learn Reverse Engineering: Avoid These Common Pitfalls!

Tips to Learn Reverse Engineering: Avoid These Common Pitfalls!
play_arrow
Understanding The PEB for Reverse Engineers

Understanding The PEB for Reverse Engineers
play_arrow
Well it finally happened... infected myself with Emotet lel

Well it finally happened... infected myself with Emotet lel
play_arrow
ESXiArgs Ransomware Analysis with @fwosar

ESXiArgs Ransomware Analysis with @fwosar
play_arrow
Do Companies Actually Pay Ransomware [ Reverse Engineering AMA ]

Do Companies Actually Pay Ransomware [ Reverse Engineering AMA ]
play_arrow
What The Security Industry Should Know About Reverse Engineering [ Reverse Engineering AMA ]

What The Security Industry Should Know About Reverse Engineering [ Reverse Engineering AMA ]
play_arrow
What is The Future of Reverse Engineering [ Reverse Engineering AMA ]

What is The Future of Reverse Engineering [ Reverse Engineering AMA ]
play_arrow
One Trick To Level Up Your Reverse Engineering [ Reverse Engineering AMA ]

One Trick To Level Up Your Reverse Engineering [ Reverse Engineering AMA ]
play_arrow
How To Identify Unknown Crypto Functions [ Reverse Engineering AMA ]

How To Identify Unknown Crypto Functions [ Reverse Engineering AMA ]
play_arrow
Tips For Writing a .NET Static Config Extractor for Malware [ Reverse Engineering AMA ]

Tips For Writing a .NET Static Config Extractor for Malware [ Reverse Engineering AMA ]
play_arrow
What Is The Most Interesting Malware From 2022 [ Reverse Engineering AMA ]

What Is The Most Interesting Malware From 2022 [ Reverse Engineering AMA ]
play_arrow
Most Embarrassing Malware You Have Analyzed [ Reverse Engineering AMA ]

Most Embarrassing Malware You Have Analyzed [ Reverse Engineering AMA ]