HackDig : Dig high-quality web security articles

[SANS ISC] Simple Analysis of an Obfuscated JAR File

2017-11-03 16:40

I published the following diary on isc.sans.org: “Simple Analysis of an Obfuscated JAR File“.

Yesterday, I found in my spam trap a file named ‘0.19238000 1509447305.zip’ (SHA256: 7bddf3bf47293b4ad8ae64b8b770e0805402b487a4d025e31ef586e9a52add91). The ZIP archive contained a Java archive named ‘0.19238000 1509447305.jar’ (SHA256: b161c7c4b1e6750fce4ed381c0a6a2595a4d20c3b1bdb756a78b78ead0a92ce4). The file had a score of 0/61 in VT and looks to be a nice candidate for a quick analysis. .jar files are ZIP archives that contain compiled Java classes and a Manifest file that points to the initial class to load. Let’s decompile the classes. To achieve this, I’m using a small Docker container… [Read more]

[The post [SANS ISC] Simple Analysis of an Obfuscated JAR File has been first published on /dev/random]

Source: /elif-raj-detacsufbo-sisylana-elpmis-csi-snas/30/11/7102/eb.llehstoor.golb

Read:6559 | Comments:0 | Tags:Malware SANS Internet Storm Center Security Java JRAT SANS I

“[SANS ISC] Simple Analysis of an Obfuscated JAR File”0 Comments

Submit A Comment



Blog :

Verification Code:


Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud