A forum for reverse engineering, OS internals and malware analysis 

Search found 4 matches

 Go to advanced search

Re: Decompile perl2exe ?

 by Cyb3rHack3r ¦  Sat Mar 02, 2013 7:58 am ¦  Forum: Newbie Questions ¦  Topic: Decompile perl2exe ? ¦  Replies: 10 ¦  Views: 34618

Sorry for the delay, No need to post i got the sample from here only

http://www.kernelmode.info/forum/viewto ... pos#p14595

file name is lanst

I actually learned a lot while trying to decomplie this, I still didn't decomplie it but still trying.

Re: Decompile perl2exe ?

 by Cyb3rHack3r ¦  Fri Mar 01, 2013 8:43 pm ¦  Forum: Newbie Questions ¦  Topic: Decompile perl2exe ? ¦  Replies: 10 ¦  Views: 34618

Thanks for the reply, however i did mange to get the files which are created using a disassembler But the files are saved in a temp folder which are jest bunch of dlls used by perl2exe so i think it is decrypting the data in the memory or something, I did dump the memory i do see small parts of the ...

Re: Decompile perl2exe ?

 by Cyb3rHack3r ¦  Fri Mar 01, 2013 7:32 pm ¦  Forum: Newbie Questions ¦  Topic: Decompile perl2exe ? ¦  Replies: 10 ¦  Views: 34618

I actully tried to follow that tut before as well but i got stuck at Load this up in IDA. There is a routine in the p2x.dll which will loop over the decrypted TOC, the TOC contains a list of filenames, sizes and a flag indicating whether it is encrypted or not. As its enumerating the list (at startu...

Decompile perl2exe ?

 by Cyb3rHack3r ¦  Fri Mar 01, 2013 6:07 pm ¦  Forum: Newbie Questions ¦  Topic: Decompile perl2exe ? ¦  Replies: 10 ¦  Views: 34618

Hay, Guys So i need little help, I am new to malaware reverse engineering but i really love to learn more Now i am trying to Decompile a malware which is complied using perl2exe Now like i said i am new i tried my best but no luck because i have never Decompiled a perl2exe file before So i am not fu...