Sample
- SHA256: 4ada609d908afd3bb171ab8287cd2ada2cf112c80c9786e10441d68d979caa4c
- Difficulty: medium
- Platform: Multiple
- Tags: backdoor obfuscated python
- Likes: 0
- Views: 92
- Submitter: struppigel
Analysis
Goal
Deobfuscate the sample.
How does the domain name generation work?
How does this sample receive and execute code from the attacker?
Description
The obfuscation might seem daunting at first, but most of that code is junk.
Using the patch and dump method is the fastest way to get the resulting code.
Recommended Tools
pycdc python