Labeless Part 6: How to Resolve Obfuscated API Calls in the Ngioweb Proxy Malware

October 3, 2018 5:07 am

In this part we show how to deal with obfuscated Windows API calls in Ngioweb malware using Labeless and x64dbg without reconstructing the API-resolving algorithm. If you’re new to all this Labeless stuff, though,...

Labeless Part 5: How to Decrypt Strings in Boleto Banking Malware Without Reconstructing Decryption Algorithm.

October 3, 2018 4:51 am

In this part we show how to decrypt strings present in the module of Boleto malware – without reconstructing the decryption algorithm. If you’re new to all this Labeless stuff though, please refer...

Labeless Part 4: Scripting

October 3, 2018 4:48 am

In this part of our Labeless series, we will discuss the theory behind Labeless scripting. If, however, you’re new to all this Labeless stuff, please refer to the previous articles in this series...

Labeless Part 3: How to Dump and Auto-Resolve WinAPI Calls in LockPos Point-of-Sale Malware

August 23, 2018 4:17 am

In this part we show how to automatically resolve all WinAPI calls in a malicious code dump of LockPoS Point-of-Sale malware. Instead of manually reconstructing a corrupted Import Address Table we simply extract a...

Labeless Part 2: Installation

August 23, 2018 4:16 am

In this part we will be guiding you through the installation of Labeless. Post-install steps to verify that the installation was done correctly are also provided below. Of course, if you’re new to...

Labeless Part 1: An Introduction

August 23, 2018 4:15 am

Labeless, a plugin for both IDA and popular debuggers, is an invaluable tool in the researcher’s tool kit. In this first part of a four-part series, we will be mainly introducing Labeless...