Log in

View Full Version : some crushing malware unpacking


evaluator
September 21st, 2012, 04:37
well, found some XOR-ed malware loader, which crushed on XP. (aclyop.exe)
then I just forsed all code peaces to dexor.. (aclyop_dexored.exe)
job happens in 3 update-able TLS-callbacks.

finally new process will launched with decrypted and remapped main module. (aclyop_inside.bin)


Password: malware

Woodmann
September 21st, 2012, 21:37
So is the exercise to guess the password ?

Woodmann

Kayaker
September 21st, 2012, 22:43
The password is
malware