Combating control flow flattening in .NET malware
Show in Graph
Image Description
Common Information
Type Value
UUID 0513f759-2a17-4a79-a2e7-a61fd186d5bb
Fingerprint 1d04b577d56eb541631020cf4bae3c6e3f099979fac392fac3d3a0dc4add8682
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 19, 2022, 5:45 p.m.
Added to db April 16, 2024, 6:46 p.m.
Last updated Aug. 30, 2024, 11:59 p.m.
Headline Combating control flow flattening in .NET malware
Title Combating control flow flattening in .NET malware
Detected Hints/Tags/Attributes 40/2/24
Source URLs
Redirection Url
Details Source https://www.virusbulletin.com/uploads/pdf/conference/vb2022/papers/VB2022-Combating-control-flow-flattening-in-NET-malware.pdf
URL Provider
Details Provider Source level domain
Details virusbulletin.com www.virusbulletin.com
Attributes
Details Type #Events CTI Value
Details Domain 1175 
gmail.com
Details Domain 247 
www.virusbulletin.com
Details Domain 4128 
github.com
Details Domain 13 
hex-rays.com
Details Domain 4 
samples.vx-underground.org
Details Domain 281 
docs.microsoft.com
Details Email 1 
georgy.kucherin@gmail.com
Details File 1 
netcore.sln
Details File 1 
netframework.sln
Details File 2 
deobfuscator.cs
Details File 29 
program.cs
Details File 41 
system.obj
Details File 5 
de4dot.exe
Details File 1 
30b3cbe8817ed75d8221059e4be35d5624bd6b5dc921d4991a7adc4c3eb5de4a.7z
Details File 1 
deobfuscatortemplate.cs
Details Github username 2 
de4dot
Details Github username 1 
gkucherin
Details sha256 6 
30b3cbe8817ed75d8221059e4be35d5624bd6b5dc921d4991a7adc4c3eb5de4a
Details Url 1 
https://github.com/de4dot/de4dot.
Details Url 1 
https://hex-rays.com
Details Url 1 
https://samples.vx-underground.org/apts/2022/2022.03.22
Details Url 1 
https://github.com/gkucherin/de4dot.
Details Url 1 
https://github.com/gkucherin/de4dot/blob/master/deobfuscatortemplate.cs
Details Url 1 
https://docs.microsoft.com/dotnet/api/system.reflection.emit.opcodes