The flawed crypto of Hacking Team's 'core-packer' malware crypter

Warning: The repository associated with this post contains malicious binaries (core, core_packed, soldier, soldier_packed) for educational purposes. Don't go around toying with them if you don't know what you're doing.

A couple of days ago I came across this post detailing a joint project between Ethan Heilman and Will Cummings discussing Hacking Team's crypter named 'core-packer'. The crypter's source was leaked online after the Hacking Team compromise of July 2015. As Heilman notes, despite the name, 'core-packer' is a crypter, as it doesn't perform compression but rather uses anti-analysis functionality (including encryption) to obfuscate malicious PEs in order to evade anti-virus products. Taking a look at 'core-packer' provides an interesting glimpse at the quality (or lack thereof) of 'government-grade' commercial malware products.
