1 post in archive

Tracing network data back to encryption

16 Jul 2020 by Mathieu - REVEN - Reverse Engineering Malware Analysis Analysis API Taint REVEN

In this video, we demonstrate how REVEN makes it possible to connect data sent through the network with the code that generated it beforehand. In our case, this reveals a decryption routine in a malware. The first step is to reconstruct a usable PCAP file from the trace to explore...