Details

_id 603437e4b888741299179414
reference ['https://bazaar.abuse.ch/sample/70ac339c41eb7a3f868736f98afa311674da61ae12164042e44d6e641338ff1f/', 'https://github.com/tccontre/knowledgebase/edit/main/malware_re_tools/iceid_stego_shell_decryptor/readme.md', 'https://tccontre.blogspot.com/2021/02/gh0strat-anti-debugging-nested-seh-try.html', 'https://twitter.com/tccontre18/status/1363914436650668035/photo/1']
md5 []
sha1 []
sha256 ['70ac339c41eb7a3f868736f98afa311674da61ae12164042e44d6e641338ff1f']
mail []
ip []
domain []
url []
user tccontre18
tweet how #ida (@HexRaysSA) #idapython helps a lot in reversing nested SEH (try{} catch) anti-debugging tricks of gh0strat to decrypt its payload. #trojan #re #Malware #int3 :) blog and simple script: https://tccontre.blogspot.com/2021/02/gh0strat-anti-debugging-nested-seh-try.html https://github.com/tccontre/KnowledgeBase/edit/main/malware_re_tools/iceid_stego_shell_decryptor/readme.md sample: https://bazaar.abuse.ch/sample/70ac339c41eb7a3f868736f98afa311674da61ae12164042e44d6e641338ff1f/ https://twitter.com/tccontre18/status/1363914436650668035/photo/1
id 1363914436650668035
retweets 4
link https://twitter.com/tccontre18/status/1363914436650668035
mentions ['@HexRaysSA']
hashtags ['#ida', '#idapython', '#trojan', '#re', '#Malware', '#int3']
date 2021-02-22 18:11:56
timestamp 1614013916
