Category Archives: Tools

Hook the planet! Solving FlareOn4 Challenge6 with libPeConv

Recently I started making a small library for loading and converting PE files (libpeconv – EARLY BETA available on my GitHub). In my previous post, I demonstrated how Challenge 3 from FlareOn4 could be solved with its help: I … Continue reading

Posted in CrackMe, Programming, Tools | Leave a comment

Import all the things! Solving FlareOn4 Challenge 3 with libPeConv

Recently I started making a small library for loading and converting PE files (libpeconv, available on my GitHub). The library is still in the early stages of development, so please don’t judge and don’t use it in any serious projects. The … Continue reading

Posted in CrackMe, Programming, Tools | Leave a comment

Introducing PE_unmapper

Recently I wrote a small tool that can be used as a helper in malware analysis. Various malware types unpack their core modules in memory, load them and run. In order to unpack them fast, we can let the malware … Continue reading

Posted in Malware, Tools, Tutorial | 1 Comment

Princess Locker decryptor

[UPDATE: 28th Nov 2016] – unfortunately, a new variant recently appeared that fixed the bug which allowed me to crack this ransomware. If generating the key takes more than a few minutes, it probably means that you have been infected by the … Continue reading

Posted in Malware, Malware Decryptor, Tools | 12 Comments

Anti-Petya live CD (the fastest Stage1 key decoder)

UPDATE: 17-th July a new version of Petya has been released. At the moment, there is no way to decrypt the disk. Don’t let the infection reach the Stage 2! Please read first Petya key decoder for more background information. … Continue reading

Posted in Malware, Malware Decryptor, Tools | 5 Comments

Petya key decoder

CODE: Source code of my applications related to recovery from Petya attacks: Key decoder for multiple Petyas based on Janus’ masterkey; Petya Green – app for brute-force attack on Green Petya’s key; multicore version by procrash; Red Petya key recovery based … Continue reading

Posted in Malware, Malware Decryptor, Tools | 19 Comments

DMA Unlocker

I managed to crack some of the variants of DMA Locker ransomware (version with RSA key), described [here]. For those who are hit by this version, there is an experimental decryptor for it. More details and updates you can … Continue reading

Posted in Malware, Malware Decryptor, Tools | Leave a comment