NSIS decompiler
1/12/2024

This blog post was authored by hasherezade

NSIS (Nullsoft Scriptable Install System) is a framework dedicated to creating software installers. It allows bundling various elements of an application together (e.g. the main executable, the DLLs it uses, configs), along with a script that controls where they are going to be extracted and what their execution order is. It is a free and powerful tool that makes distributing software easier. Unfortunately, its qualities are known not only to legitimate developers but also to malware distributors.

For several years we have been observing malware distributed via NSIS-based crypters. An outer layer made of a popular and legitimate tool makes for a perfect cover. The flexibility of the installer allows various ideas for obfuscating malicious elements to be implemented.

We wrote about unpacking them in the past, i.e. With time their internal structure has evolved, so we decided to revisit them and describe the inside again using samples from some of the Formbook stealer campaigns.

This analysis is based on the following samples: