Unable to unpack malware sample

Discussion on reverse-engineering and debugging.
DanusMinimus
Posts: 2
Joined: Wed Dec 20, 2017 6:16 pm

Mon Dec 25, 2017 11:44 pm

Hello, I'm trying to unpack malware packed with ConfuserEx 1.0.0 and I can't seem to get it to work. Each time I remove the anti-tamper, the whole file gets corrupted.

I would appreciate help with understanding how to unpack it. I'll provide the sample here:

[WARNING THIS IS A LIVE MALWARE SAMPLE] eagleepicsocks[dot]com/jk/jkeq[dot]exe [WARNING THIS IS A LIVE MALWARE SAMPLE]
DanusMinimus
Posts: 2
Joined: Wed Dec 20, 2017 6:16 pm

Wed Dec 27, 2017 8:41 am

A little update

Then I tried to debug it and check for memory dumps on x64 (32 bit) debugger. I found some anti-debugging mechanisms, but I am still missing something because the program just keeps running junk code until I detach from it and it crashes. Dumping it when it's already loaded into memory also dumps junk code.