Wednesday October 14th


The flawed crypto of Hacking Team's 'core-packer' malware crypter

Warning: The repository associated with this post contains malicious binaries (core, core_packed, soldier, soldier_packed) for educational purposes. Don't go around toying with them if you don't know what you're doing.

A couple of days ago I came across this post detailing a joint project between Ethan Heilman and Will Cummings discussing Hacking Team's crypter named 'core-packer'. The crypter's source was leaked online after the Hacking Team compromise of July 2015. As Heilman notes, despite its name 'core-packer' is a crypter: it doesn't perform compression but rather uses anti-analysis functionality (including encryption) to obfuscate malicious PEs in order to evade anti-virus products. Taking a look at 'core-packer' provides an interesting glimpse at the quality (or lack thereof) of 'government-grade' commercial malware products.

