Monthly Archives: July 2016

How to turn a DLL into a standalone EXE

During malware analysis we can often encounter payloads in the form of DLLs. Analyzing them dynamically may not be very handy, because they need some external loaders to run. Different researchers have different tricks to deal with them. In this post … Continue reading

Posted in Malware, Techniques, Tutorial | 11 Comments

Unpacking NSIS-based Crypter – part 2

After publishing my short tutorial about unpacking an NSIS-based crypter I got one more sample from a reader who complained that my method doesn’t work – so I decided to take a look inside. Of course cybercriminals continuously work on improving … Continue reading

Posted in Malware, Tutorial | 2 Comments

Unpacking NSIS-based Crypter – step by step

Nowadays we can encounter many malware samples packed by a crypter using installer scripts. We can distinguish them by an NSIS tag on VirusTotal: Often (but not always) they come with a standard NSIS icon: In this tutorial, I … Continue reading

Posted in Malware, Tutorial | 12 Comments