Latest Trends in Anti-Debugging

January 24th, 2010, Sriram

Abstract

Anti-debugging techniques take different forms, from hiding code from reverse engineers to keeping programs from being analyzed automatically in virtual environments. Gone are the days when malware encryption used XOR or algorithms such as LZMA as implemented in UPX, or used a simple API call to detect a debugger. My day-to-day experience with malware through Comodo Antivirus for 3 years not only enabled me to keep myself updated with the latest anti-debugging techniques used by different malware and protectors but also led me to write anti-anti-debugging techniques. In this paper I would like to share my research on the currently prevailing anti-debugging techniques used by various commercial software such as ASProtect, Armadillo, Themida, SVKP, and VMProtect, and some of the tricks of well-known malware, based on the Windows NT operating system platform.

The full paper is available as a free download here.

Email-Worm.Win32.Runouce.b Fix

January 14th, 2010, Sriram

If you are infected with the Email-Worm.Win32.Runouce.b file infector and want a fix for it, download this utility, which cleans the infection for you.

To download, click here.

MD5 of zip: C9BD66120C0D17A53176DCD357748E51

Password to unzip: triyag