The FireEye FLARE team’s newest contribution to the malware analysis community, FLOSS, is an open-source tool that automatically detects, extracts, and decodes obfuscated strings in Windows Portable Executable files. Malware authors commonly obfuscate strings in their programs to deter static and dynamic analysis; FLOSS counters this by extracting strings that are deobfuscated by decoding routines, recovering stackstrings, and obtaining all static strings.
Entries filed under 'Moritz Raabe'
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.