Revealing malicious obfuscated code (original title: Razkrivanje zlonamerne zmaličene kode)
Janhar, Nejc (Author), Slivnik, Boštjan (Mentor)

PDF - Presentation file (1,90 MB)
MD5: D384AE4514CB23C5932F0DD21E728020

Abstract
Malicious software can cause a great deal of damage. The authors of these programs use a variety of methods to hide their program and infect the target system. They use various methods of concealing its operation, which make analysis harder for us. In addition, we usually do not have access to their source code. This complicates the analysis and requires more specialized knowledge. It is important to understand how malicious software works. With that knowledge we can limit its spread and reduce further damage. In this thesis we highlight some basic methods of analysis and analyze a concrete obfuscated malicious program. We describe the static and dynamic methods of analysis and the tools used for them. We analyze the DarkComet malware, which was obfuscated using the ASProtect packer.

Language: Slovenian
Keywords: malicious code, reverse engineering, x86 assembly, ASProtect, DarkComet
Work type: Bachelor thesis/paper
Typology: 2.11 - Undergraduate Thesis
Organization: FRI - Faculty of Computer and Information Science
Year: 2021
PID: 20.500.12556/RUL-124791
COBISS.SI-ID: 52393731
Publication date in RUL: 18.02.2021
Views: 873
Downloads: 191

Secondary language

Language: English
Title: Revealing malicious obfuscated code
Abstract:
Malware can cause a lot of damage. Writers of these programs use a variety of methods that hide their program and infect the target system. They use different obfuscation methods that make their analysis difficult. In addition, we usually do not have access to their source code. This complicates the analysis and requires more specialized knowledge. It is important to know how malware works. This can limit the spread and reduce further damage. In this thesis, we will highlight some basic methods of analysis and analyze a real obfuscated malware. We will describe static and dynamic methods of analysis and the tools that are used for each of them. We will analyze the DarkComet malware, which was obfuscated using the ASProtect packer.

Keywords: malicious code, reverse engineering, x86 assembly, ASProtect, DarkComet