Source |
Security Intelligence |
Identifiant |
4072035 |
Date de publication |
2022-02-02 17:00:00 (vue: 2022-02-02 18:05:57) |
Titre |
TrickBot Gang Uses Template-Based Metaprogramming in Bazar Malware |
Texte |
Malware authors use various techniques to obfuscate their code and protect against reverse engineering. Techniques such as control flow obfuscation using Obfuscator-LLVM and encryption are often observed in malware samples. This post describes a specific technique that involves what is known as metaprogramming, or more specifically template-based metaprogramming, with a particular focus on its implementation […]
|
Envoyé |
Oui |
Condensat |
against are authors based bazar code control describes encryption engineering flow focus gang implementation involves its known llvm malware metaprogramming more obfuscate obfuscation obfuscator observed often particular post protect reverse samples specific specifically such technique techniques template trickbot use uses using various what |
Tags |
Malware
|
Stories |
|
Notes |
|
Move |
|