General Science and Philosophy


Breaking a Multi-Layer Crypter Through Reverse-Engineering, a Case Study Into the Man1 Crypter

Authors: Jason Reaves

Crypters and packers are common in the malware world, and many techniques have been invented over the years to help people bypass commonly used security measures. In one such technique, a crypter uses multiple, sometimes dynamically generated, layers to decode and unpack the protected executable, which allows it to bypass common security measures such as antivirus. While by the end of this paper we will have constructed a working proof of concept for an unpacker, it is by no means meant as a production-level mechanism; the goal is simply to show the reversing of routines found in a crypter, using a reverse-engineering framework geared towards shellcode analysis to our benefit for malware analysis.

Comments: 8 Pages.

Submission history

[v1] 2017-06-18 19:03:08

Unique-IP document downloads: 30 times