Sabyasachi Mitra

icon location interested in web , web browsers and malwares

Results 11 comments of Sabyasachi Mitra

Add symbol name features for dynamically resolved function pointers

@mike-hunhoff Sir I am interested to take up this issue can you assign it to me ?

Add symbol name features for dynamically resolved function pointers

@zdwg42 can you give me a sample PE which does the dynamic loading like this

Add symbol name features for dynamically resolved function pointers

@zdwg42 I hope these testfiles are not live malware ?

Add symbol name features for dynamically resolved function pointers

@zdwg42 can you describe me how were you analyzing the PE in capa which commands you used . I don't think Capa extracts the api by itself it used vivisect...

Add symbol name features for dynamically resolved function pointers

you analysed the NtFsControlFile dynamic call in ghidra right ?

Add symbol name features for dynamically resolved function pointers

I think the rule you proposed - runtime_resolved: true can be implemented by a vivisect script of searching for the GetProcAddress api or LoadLibrary and seeing the parameter that is...

Add symbol name features for dynamically resolved function pointers

@williballenthin Sir , can you assign me this work ? Describe me the necessary changes in detail and any prerequisites knowledge I need to know .

rich.errors.MarkupError: closing tag '[/\xe1\xa5\xf9\x96_/x\xecJ@]' at position 668 doesn't match any open tag

@williballenthin @mike-hunhoff can you confirm if this issue is still there and how to reproduce it ? I do not see capa rendering any string .

Crash on binary analysis: Exception: Invalid String Size: 0

@Valentin-Metz Sir I am interested to work on your issue . Can you confirm is it still there , can you give me what it says if done with --debug...

Analyze just stops and does not give any output

@Siradankullanici see the debug input I think he had unpacked it .