Ch 13: Data Encoding
Practical Malware Analysis
Revised 11-24-20
The Goal of Analyzing Encoding Algorithms
Reasons Malware Uses Encoding
- Hide configuration information
  - Such as C&C domains
- Save information to a staging file
  - Before stealing it
- Store strings needed by malware
  - Decode them just before they are needed
- Disguise malware as a legitimate tool
  - Hide suspicious strings
Simple Ciphers
Why Use Simple Ciphers?
- They are easily broken, but
  - They are small, so they fit into space-constrained environments like exploit shellcode
  - Less obvious than more complex ciphers
  - Low overhead, little impact on performance
- These are obfuscation, not encryption
  - They make it difficult to recognize the data, but can't stop a skilled analyst
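
Added example (not from the slides or the book): single-byte XOR stands in for a "simple cipher" here, which is an assumption, since the slides above name no specific cipher. It shows why such encoding is obfuscation rather than encryption: trying all 255 keys and searching each result for an expected keyword recovers the hidden string. The sample blob, key and URL are constructed.

```python
import string

# Printable ASCII without the whitespace control characters.
PRINTABLE = set(string.printable.encode()) - set(b"\t\n\r\x0b\x0c")

def xor_bytes(data: bytes, key: int) -> bytes:
    return bytes(b ^ key for b in data)

def printable_run(data: bytes, offset: int) -> str:
    """Expand from offset to the full run of printable ASCII around it."""
    start = offset
    while start > 0 and data[start - 1] in PRINTABLE:
        start -= 1
    end = offset
    while end < len(data) and data[end] in PRINTABLE:
        end += 1
    return data[start:end].decode("ascii")

def scan_single_byte_xor(blob: bytes, needles):
    """Try keys 1..255; return (key, needle, recovered string) for every hit."""
    hits = []
    for key in range(1, 256):  # key 0 would leave the data unchanged
        decoded = xor_bytes(blob, key)
        for needle in needles:
            pos = decoded.find(needle)
            while pos != -1:
                hits.append((key, needle.decode(), printable_run(decoded, pos)))
                pos = decoded.find(needle, pos + 1)
    return hits

# Constructed sample: a made-up config string, XOR-encoded with an arbitrary
# key and placed between non-printable filler bytes, as it might sit in a file.
SAMPLE_KEY = 0x5A
SAMPLE_CONFIG = b"http://c2.example.test/gate.php"
SAMPLE_BLOB = (bytes(range(0x80, 0x90))
               + xor_bytes(SAMPLE_CONFIG, SAMPLE_KEY)
               + bytes(range(0xF0, 0xF8)))

if __name__ == "__main__":
    # A plain strings-style search finds nothing in the encoded blob...
    print("plaintext visible:", b"http" in SAMPLE_BLOB)
    # ...but the full keyspace is only 255 candidates.
    for key, needle, text in scan_single_byte_xor(SAMPLE_BLOB, [b"http://", b".php"]):
        print(f"key=0x{key:02x} matched {needle!r}: {text}")
```

The keyword list is the analyst's guess at what the hidden data contains; a wrong guess yields no hits, and that is the only protection this kind of encoding offers.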