Unpacking NanoCore Sample Using AutoIT

May 5, 2019

In this article I want to take a look at a Nanocore sample that I found on HybridAnalysis that is using a compiled AutoIT script as a packing technique. This article will go over how to detect if a sample is using AutoIT and how to analyze it. The hash for this sample is ad9f99ad687a8ae71a40fd589b028ef6194e35c7....

Reverse Engineering, Malware Analysis, Malware, Unpacking, Scripting, Automation, DotNET, DnSpy, AutoIT

Page 1 of 1