Blackhat 2012 Sample Codes
C++ Assembly C
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
ASMsrc
Csrc
README.md
blackhat2012-paper.pdf
blackhat2012-presentation.pdf

README.md

<title>README</title>
Qualys Vulnerabliity & Malware Research Labs (VMRL)

Blackhat 2012 Presentation Samples

TiTle: A Scientific (but non academic) study of how malware employs anti-debugging, anti-disassembly and anti-virtualization technologies

Authors: Rodrigo Rubira Branco - rbranco NOSPAM qualys.com Gabriel Negreira Barbosa - gbarbosa NOSPAM qualys.com Pedro Drimel Neto - pdrimel NOSPAM qualys.com

The samples are divided in four categories: Anti-Debugging Anti-Disassembly Obfuscation Anti-VM

Anti-Debugging POCs were developed in C/C++ using Visual Studio 2010 and Assembly with Flat Assembler, they are in the folder Csrc and ASMsrc, respectively.

Anti-Disassembly and Obfuscation POCs were developed in Assembly with Flat Assembler and are available in the folder ASMsrc.

Anti-VM POCs were developed in C/C++ using Visual Studio 2010 and is available in the Csrc folder.