Tag Archives: Malware

Yet another PDF/XDP Malware

Today we’re going to analyze yet another sample of PDF containing an XDP form. The difference between this sample and the one of my previous post is that this one will be less about JavaScript deobfuscation and more about anti-analysis … Continue reading

Posted in PDF, Profiler | Comments Off on Yet another PDF/XDP Malware

Malware in a MSG

Even though sending malware via zipped attachments in spam emails is nothing new and has been around for eons, many people are still puzzled at how it works. Thus, I will go through with you on how to do … Continue reading

Posted in CFBF, Profiler | 4 Comments

PDF/XDP Malware Reversing

Recently, version 2.6 of Profiler has been released and, among the improvements, support for XDP has been introduced. For those of you who are unfamiliar with XDP, here’s the Wikipedia description: “XML Data Package (XDP) is an XML file format … Continue reading

Posted in PDF, Profiler | Comments Off on PDF/XDP Malware Reversing

Analysis of CVE-2013-3906 (TIFF)

This is just a demonstration of malware analysis with Profiler; I haven’t looked into previous literature on the topic. So, perhaps there’s nothing new here, but I hope it will be of help for our users. We open the main … Continue reading

Posted in Profiler | Comments Off on Analysis of CVE-2013-3906 (TIFF)

Disclosure: Creating undetected malware for OS X

While this PoC is about static analysis, it’s very different from applying a packer to malware. OS X uses an internal mechanism to load encrypted Apple executables and we’re going to exploit the same mechanism to defeat current anti-malware … Continue reading

Posted in Security | 17 Comments

Creating undetected malware for OS X

We have discovered a way to defeat current anti-malware solutions. We will publicly disclose the full details of the issue in a few weeks. In the meantime, we’re more than happy to confidentially disclose the information to interested organizations (either … Continue reading

Posted in Security | Comments Off on Creating undetected malware for OS X