Malware Analysis - 3CX SmoothOperator Authenticode Abuse
Рет қаралды 1,109
Күн бұрын
@MalwareAnalysisForHedgehogs Жыл бұрын
SmoothOperator abuses Microsoft Authenticode signatures to seem valid. Here is an explanation how it works and how to detect it in files. Buy me a coffee: ko-fi.com/struppigel Follow me on Twitter: twitter.com/struppigel AnalysePESig: blog.didierstevens.com/programs/authenticode-tools/ SigFlip: github.com/med0x2e/SigFlip Sysinternals: learn.microsoft.com/en-us/sysinternals/downloads/sysinternals-suite Using unauthenticated data inside authenticode signed binaries: web.archive.org/web/20150426192725/blogs.msdn.com/b/ieinternals/archive/2014/09/04/personalizing-installers-using-unauthenticated-data-inside-authenticode-signed-binaries.aspx
@ParthGupta-my9ox Жыл бұрын
feels good to be the hedgehog. Thanks man♥♥
MalwareAnalysisForHedgehogs
Рет қаралды 1,3 М.
THẾ GIỚI 24H
Рет қаралды 10 МЛН
Family Games Media
Рет қаралды 55 МЛН
Nikita Zdradovskiy
Рет қаралды 7 МЛН
MalwareAnalysisForHedgehogs
Рет қаралды 934