Jump to content
Tuts 4 You

Unpacking Multi layered protection in a trojan horse


Recommended Posts

iceberg

Hi everyone,

I found a trojan horse while searching for a dll injector, so I tried to unpack it, but De4dot failed because it has multiple protections.
I uploaded the target to Virustotal and found that Kaspersky and Eset and other antiviruses says: UNDETECTED but am pretty sure it's a trojan horse (VirusTotal scan result)I checked it using dnspy after I used de4dot more than once. The source code still unreadable, so I thought there might be another way to unpack this file.
If someone managed to unpack it, please write a tutorial I want to learn what do when it comes to binaries packed this way.

Target can be downloaded here Download Link

Greetz

 

Edited by iceberg
Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...