Hi all,
a new tutorial from Gunther has been published on our site.
Following the great works by EvilCry, I have decided it’s time to release some of my past and present works on Malware Analysis (some of them will be coming soon). This is in the hope of igniting some interests in Malware Analysis via Reverse Engineers’ mindset. This tutorial is written to provide a better understanding of where to find information and what is the aim of most Trojans. Their aim is simply to steal information or to act as a Bot in a Botnet. Please note that this article has been written for learning purposes and not for complex functionality. In the early days, there were many incidents where users received emails with malicious CHM (Microsoft Compiled HTML Help) and DOC (Microsoft Office Word Document) attachments containing Trojan Riler which is also known as BackDoor-BCB. So I have decided to impart some of my knowledge on Forensics in order to complete this tutorial, writing “Introduction to Malware Techniques and Logics part 1”. The tutorial will cover different issues: ●
How to decompile .CHM files.
How to detect and analyse the shellcode
How to dump the backdoor components
How to discover the communication protocol
I hope that this could begin a new chapter in the ongoing series of Reverse Engineering and Forensics guides from ARTeam and spark a new interest.