Sample hash:
SHA256: 76cd290b236b11bd18d81e75e41682208e4c0a5701ce7834a9e289ea9e06eb7e
Tools:
- PE files static analysis: PortExAnalyzer; PE-bear
- Debugger & plugin: x64dbg + ScyllaHide Anti-Anti-Debug
- aPLib decompression: aplib-ripper
1. Static Analysis
Throw the sample into PortEx Analyzer, which analyses the file with a special focus on malformations. We get the following results: