Entries filed under 'Malicious Executable'

Threat Research Blog

FireEye posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. These blog posts cover everything from exploits and vulnerabilities, to advanced malware and targeted attacks.

    Unpacking SimplePack

    By Abhishek Singh
    By packing their malicious executables, malware authors can be sure that when the files are opened in a disassembler, they will not show the correct sequence of instructions, thus making malware analysis a lengthier and more difficult process. SimplePack is yet another packer often used by malware authors. Specifically, it uses LZMA compression. When the packed process is opened in the debugger, the packed code starts with the instruction PUSHAD as seen in Figure Read more...