HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation
Conference papers

Dynamic Binary Instrumentation for Deobfuscation and Unpacking

Daniel Reynaud 1 Jean-Yves Marion 1
1 CARTE - Theoretical adverse computations, and safety
Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract : We propose to extend the toolbox of reverse engineers beyond disassemblers, debuggers and emulators. Using dynamic binary instrumentation, it is very simple to write advanced tools such as automatic unpackers, system call tracers and deobfuscators. Based on our experiments, DBI is suitable for malware analysis. In this presentation, we will present a simple and accurate automatic unpacker integrated with IDA Pro and a Javascript deobfuscator, all written using DBI techniques.
Document type :
Conference papers
Complete list of metadata

https://hal.inria.fr/inria-00431666
Contributor : Daniel Reynaud Connect in order to contact the contributor
Submitted on : Thursday, November 12, 2009 - 5:15:30 PM
Last modification on : Saturday, October 16, 2021 - 11:26:05 AM

Identifiers

  • HAL Id : inria-00431666, version 1

Collections

Citation

Daniel Reynaud, Jean-Yves Marion. Dynamic Binary Instrumentation for Deobfuscation and Unpacking. IN-DEPTH SECURITY CONFERENCE 2009 EUROPE, Nov 2009, Vienne, Austria. ⟨inria-00431666⟩

Share

Metrics

Record views

264