SWF file unpacking with REVEN

Matryoshka dolls.

Source: wikimedia commons

Recently we took a look at a new flash player exploit used by the Angler exploit kit. The sample was obfuscated using the well known 'packing' technique: the dropped swf file embeds a second stage swf in the form of an encrypted blob that will be decrypted ...

more ...