crontab ps bash
OllyScript – Automating detection and unpacking the Conficker Worm Variant B/C
In order to bring the problem of extracting unpacking code into the realm of decidability, MyCERT had been working on automating the unpacking script in an assembly-like language. The script, called OllyScript, can be used to unpack malicious worm Win32/Conficker B and Win32/Conficker C. OllyScript is the scripting language plugin for OllyDbg. It simulates user’s […]
MyKotakPasir: Solved major problem during automated analysis.
MyKotakPasir 2 is a malware sandbox developed by Malware Research Center at MyCERT. A lot of improvements have been introduced since the first version. For instance, in the previous version, 2 different programming languages, namely Python and VB, were used to handle analysis work. Due to some teething problems with Python, I have changed everything to […]
MyCERT have been developing a few analysis tools for reversing. MySuntikanAPI is still in alpha version and need more improvement. Every hooked API will capture detail information to make sure we don’t miss any behavior especially in malware sample. API Hooking is same as IAT hooking. One of the tools that we created is called […]