Qualys Vulnerability & Malware Research Labs (VMRL)
Blackhat 2012 Presentation Samples
Title: A Scientific (but non academic) study of how malware employs anti-debugging, anti-disassembly and anti-virtualization technologies
Authors: Rodrigo Rubira Branco - rbranco NOSPAM qualys.com; Gabriel Negreira Barbosa - gbarbosa NOSPAM qualys.com; Pedro Drimel Neto - pdrimel NOSPAM qualys.com
The samples are divided into four categories: Anti-Debugging, Anti-Disassembly, Obfuscation, and Anti-VM.
Anti-Debugging POCs were developed in C/C++ using Visual Studio 2010 and in Assembly using Flat Assembler; they are in the folders Csrc and ASMsrc, respectively.
Anti-Disassembly and Obfuscation POCs were developed in Assembly with Flat Assembler and are available in the folder ASMsrc.
Anti-VM POCs were developed in C/C++ using Visual Studio 2010 and are available in the Csrc folder.