
Crypters And Binders eBook - FOCSoft



Handbook about Crypters and Binders

 Assalam O Alikum Friends,






I have written an E-Book about a topic that seems to be of interest to a lot of people. This is meant for people who want to know how crypters and binders work, either because they are interested in malware analysis or because they want to write one. The book covers the core concepts, techniques and the terminology that is frequently used to describe features of a crypter or binder. It also contains source code samples. I intend to include more code samples in the upcoming versions. So visit the GitHub page later and look for new versions, if you need more samples.
The book has 28 pages by now.

Contents:

1 Preface
1.1 Motivation
1.2 Target audience

2 Packer
2.1 Packer classification
2.2 Binder, joiner

3 Malware detection by antivirus scanners
3.1 Signature based detection
3.2 Heuristic analysis

4 Inner workings of a binder
4.1 Portable Executable
4.2 Using the overlay of the PE
4.3 Embedding files into the resource section
4.4 Other PE binding techniques
4.5 Binding techniques for other file formats

5 Inner workings of a crypter
5.1 Encryption
5.2 Oligomorphic, polymorphic and metamorphic
5.3 Unique stub generation
5.4 Obfuscation
5.5 Scantime and runtime
5.6 Resulting file size
5.7 Undetection

6 License and contact
6.1 License
6.2 Contact

Bibliography

Download:
Click Here For Download

License: Creative Commons License, Attribution-NonCommercial-ShareAlike 4.0
