While working on the last ‘Reversing Rogues’ blog post (see it here), I noticed that SpyFighter.exe was packed with UPX. Detect It Easy showing SpyFighter packed...

Unpacking Modified UPX

Reversing Rogues #5 - SpyFighter - [x64 graph view]
SpyFighter - Let’s unveil the dusty secrets of this old rogue and use an underutilized feature of x64dbg - Graph View - to do it. Today, for educational pur...

Reversing Rogues #4 - AdwareAlert - [loops]
AdwareAlert would pose as a cybersecurity hero but plays the role of a digital scam artist. Users, often anticipating the protection of Lavasoft’s Ad-Aware, woul...

Reversing Rogues #3 - AdWare Punisher - [more md5]
AdwarePunisher - another relic, rogue anti-spyware that finds ‘infections’ on a clean box like a detective finding a speck of dust in a vacuum. Of course the ...

Reversing Rogues #2 - AntispyBoss - [basic md5]
Antispyboss, a well-known relic of the digital past. In classic rogue fashion, Antispyboss users are treated to a parade of counterfeit infections, each more...

Reversing Rogues #1 - WindowsAV - [repne scasw]
Recently, I’ve been delving into the world of serial creation routines in ancient rogue software—for fun and profit. I’m very much a novice, but I’ve embrac...