Create an Account
username: password:
 
  MemeStreams Logo

SANS Internet Storm Center - Advanced obfuscated JavaScript analysis

search

Worthersee
Picture of Worthersee
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Worthersee's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
SANS Internet Storm Center - Advanced obfuscated JavaScript analysis
Topic: Technology 7:08 pm EDT, Apr  9, 2008

When we got contacted by ISC reader Greg in Hungary, whose web server had been hacked and adorned with a couple of obfuscated JavaScript files, we expected a variant of the "nmidahena" injection and a closed case. JavaScript is an interpreted language, and while the obfuscation attempts we see are getting more creative, the scripts can usually still be coerced quite easily into divulging their secrets. ISC handler Lenny Zeltser teaches the SANS course on malware analysis, and ISC handler Bojan Zdrnja wrote the portion on JavaScript analysis for that course, so we are usually able to make short work of bad stuff.

Cool example of self-defending javascript malware.

SANS Internet Storm Center - Advanced obfuscated JavaScript analysis



 
 
Powered By Industrial Memetics
RSS2.0