Confuser.Core 1.6.0+447341964f Unpack Malware

By NubezGT
August 4, 2022 in Malware Reverse Engineering

Share

https://forum.tuts4you.com/topic/43677-confusercore-160447341964f-unpack-malware/

Followers 0

Recommended Posts

NubezGT

Posted August 4, 2022

Posted August 4, 2022 (edited)

As far as I know, the file gets the actual malware (RAT to be specific) file from the resources and opens it. I'm stuck on the string decryption part.

It's protected with Confuser.Core 1.6.0+447341964f

The assembly is .NET, C#

LinkApprove.exe

Edited August 6, 2022 by NubezGT

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now