Throughout 2017 we have observed a marked increase in the use of command line evasion and obfuscation by a range of targeted attackers.
Entries filed under 'Obfuscation'
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
Automatically Extracting Obfuscated Strings from Malware using the FireEye Labs Obfuscated String Solver (FLOSS)
June 23, 2016 9:00 AM By Moritz Raabe, William Ballenthin | Advanced Malware, Threat Research
The FireEye FLARE team’s newest contribution to the malware analysis community, FLOSS, is an open-source tool to automatically detect, extract, and decode obfuscated strings in Windows Portable Executable files. FLOSS helps fight against malware authors who commonly obfuscate strings in their programs to deter static and dynamic analysis, and can extract strings that are deobfuscated by decoding routines, while recovering stackstrings and obtaining all static strings.
December 28, 2015 9:01 AM By Tyler Dean | Exploits, Threat Research
The latest in the FLARE script series, this blog goes beyond IDA Pro to look at the debugger scripting interface.
June 4, 2010 3:53 PM By Julia Wolf
January 14, 2010 3:22 PM By Julia Wolf