Skip to Content
Learning Malware Analysis
book

Learning Malware Analysis

by Monnappa K A
June 2018
Beginner
510 pages
13h 7m
English
Packt Publishing
Content preview from Learning Malware Analysis

2.1 Identifying Crypto Signatures Using Signsrch

A useful tool to search for the cryptographic signatures in a file or process is Signsrch, which can be downloaded from http://aluigi.altervista.org/mytoolz.htm. This tool relies on cryptographic signatures to detect encryption algorithms.  The cryptographic signatures are located in a text file, signsrch.sig. In the following output, when signsrch is run with the -e option, it displays the relative virtual addresses where the DES signatures were detected in the binary:

C:\signsrch>signsrch.exe -e kav.exeSignsrch 0.2.4by Luigi Auriemmae-mail: aluigi@autistici.orgweb: aluigi.org  optimized search function by Andrew http://www.team5150.com/~andrew/  disassembler engine by Oleh Yuschuk- open file ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Practical Malware Analysis

Practical Malware Analysis

Michael Sikorski, Andrew Honig
Malware Analysis Techniques
Mastering Malware Analysis

Mastering Malware Analysis

Alexey Kleymenov, Amr Thabet
Evasive Malware

Evasive Malware

Kyle Cucci

Publisher Resources

ISBN: 9781788392501Other