Friday, June 11, 2010

Gunpack - God's Unpacker

To protect malwares from detection by AV vendors malware authors use packers/cryptors for protection. For malware analysts unpacking executable is the greatest problem they encounter while analyzing protected executable files.
To combat packer challenges a memory dumping attack was employed in GUnpack tool.G(ods)Unpack tool unpacks packed executable files based on memory dumping technique.

Download page[Google code]
Posted by at No comments:

Wednesday, June 9, 2010

Autorun Cleaning tool

To clean autorun files on all the drives I have written a handy tool in Visual C.

Link1  [File Factory]
Link2 [YourFileLink]
Link3 [RapidShare]

Zipfile MD5 : BEEB5D98FBB1031F1046D801D61074DD
          SHA1: D841CD5F60448FA2E487FDED179CA5E05DF79DBB

Unzip the file and check checksum before using.

SHA1 : 9A83F85FB7BFE0D585BAE662A946D8025695D11D
MD5 :BD891972669DD82393F303DDA15BF2CE
Posted by at 1 comment:

Sunday, June 6, 2010

+White Angel's foolish pages: How Wecorl trapped security giant MCAffee

+White Angel's foolish pages: How Wecorl trapped security giant MCAffee
Posted by at No comments:

Buster sandbox Released

A new sand boxing tool Buster sand box has been released.

The tools is available for free and can be downloaded at.
It has both automatic and manual analysis mode.

It even has digital signature detection option also.

It monitors file, Registry, Network changes etc.
It can be also made to work in hidden mode using a build in driver that comes with it.
It also has excluding list to exclude certain file and registry changes.
It needs sandboxie sandbox.
Posted by at No comments:
Subscribe to: Posts (Atom)