TitaniumHandles
October 26, 2009

Last week was particularly interesting as we did very interesting research related to archive formats. But that's a topic for some other week; today we talk about one of the code samples for TitanEngine we mentioned a few weeks ago. That code sample shows TitanEngine's handler module capabilities implemented as an OllyDBG plugin.

TitanEngine 2.0.2 on Ubuntu
October 26, 2009

TitanEngine just became Linux friendly! Even though this framework was and is designed only for Microsoft Windows x86/x64 platforms, it can work with no problems under Linux with the help of WINE. Small modifications were necessary in order to make this possible, but from the next release you will be able to execute all ReversingLabs unpackers under the Linux distribution of your choice. We have chosen Ubuntu; what is your choice? This ensures a maximally safe environment for live malware analysis for those reverse engineers that make Linux their platform of choice.

Static decryption in reverse
October 19, 2009

For today's blog we had to do some minor engine modifications, which is always fun. Even though we have met these kinds of crypters before, it completely slipped our mind that some crypters decrypt data in the backward direction. That is why with CryptoCrackPEProtector we introduced a new function for data decryption called StaticMemoryDecryptSpecial. The only thing special about it is that you can choose the direction of decryption and, in later versions if it proves necessary, byte skipping etc.

Cloudy day with exeFog
October 12, 2009

After a one-week detour into the reversing tool coding field we return to what TitanEngine does best, which is making unpackers of course. This week we take a peek into what hides in the fog, exeFog.

TitaniumOverlay
October 5, 2009

Remember how last week we decided not to publish some tools? Well, it has been brought to our attention that we can publish the binaries and later publish the source with the next TitanEngine update, which is very close as it is. That is why this Monday we decided to publish the TitaniumOverlay tool.

Buggy Monday, PeX story
September 28, 2009

It's a beautiful Monday once again. What is special about this Monday is that it has its rather long introduction story. Here is what you don't know about ReversingLabs. At the end of each week we go through preparation for the Monday blog. So the team decides on and creates a code sample for our blog. This was also the case last week, and we picked to do a blog about using TitanEngine as a static library and creating a PeID plugin for handling overlay.
