Sample

Metadata

SHA256: b0e365c603013751085946ff0500f7d8c0e3c106d3b02c368c2f267279660a6d
Difficulty: medium
Platform: Windows
Tags: anti-debug anti-vm godrat loader
Likes: 1
Views: 104
Submitter: struppigel

Analysis

Goal

Write a configuration extractor for this loader

Description

The loader has a few anti-analysis tricks up its sleeve, but unpacking it statically is relatively easy.
Find the shellcode first.

Recommended Tools

IDA speakeasy x64dbg

Solutions

Trying out speakeasy by Voixel

55

Image

Sample image

Comments

Please login to view and post comments.