Category Archives: RE

Fake “Police Trojan” analysis

For some time now, the “virus of the police” has been an epidemic across Europe. Currently a variant of the first sample, found during the summer of 2011, is infecting Windows operating system users. It blocked the system on startup, with a …

Posted in Analysis, Malware, RE

BHO Reversing

For a long time now (BHO has been supported since IE 4.0), malware writers have exploited BHO functionality to bully IE users. An evil BHO mostly has two functions (certainly when we talk about bankers): – monitoring/logging requests …

Posted in Application, Malware, RE

NameChanger ver 1.0 – OllyDbg plugin

I recently returned to the idea of an OllyDbg plug-in that would provide functionality similar to IDA's, including, inter alia, changing the names of functions or setting a more readable form for global variables. I think that the best …

Posted in Application, RE

Windows LongPaths – extended-length paths

Maybe you are one of the people who believed until now that the maximum length of a path in Windows is equal to MAX_PATH (260 characters). Nothing could be further from the truth! In the document, which you can download below, I have …

Posted in Analysis, Uncategorized, RE, Security

Logical bug in GMER

While messing a little with GMER’s code recently, I discovered a logical bug which can cause abnormal behavior in random applications. Our object of interest will be the newest GMER driver as of 22.07.2010. FileVersion : 1, 0, 15, …

Posted in Analysis, RE