APT32_Deobfuscate
APT32_Deobfuscate copied to clipboard
Published
20 hours ago •
levanvn
levanvn
My scripts to deobfuscate APT32 malware
My APT32-Deobfuscator Requires Capstone (http://www.capstone-engine.org/), Keystone (https://www.keystone-engine.org/) to run I have written some explanations in the article: https://blog.viettelcybersecurity.com/apt32-deobfuscation-arsenal-deobfuscating-mot-vai-loai-obfucation-toolkit-cua-apt32-phan-1/ https://blog.viettelcybersecurity.com/apt32-deobfuscation-arsenal-deobfuscating-mot-vai-loai-obfucation-toolkit-cua-apt32-phan-2/
Note: This repo contains malicious code. Please run it on Virtual Machine Pass to unzip: infected
levanvn