Future Internet 2013, 5(2), 140-167; doi:10.3390/fi5020140
Article

A Methodology for Retrieving Information from Malware Encrypted Output Files: Brazilian Case Studies

Received: 18 February 2013; in revised form: 6 April 2013 / Accepted: 15 April 2013 / Published: 25 April 2013
(This article belongs to the Special Issue Security of Systems and Software Resiliency)
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Abstract: This article presents and explains a methodology based on cryptanalytic and reverse engineering techniques that can be employed to quickly recover information from encrypted files generated by malware. The objective of the methodology is to minimize the effort spent on static and dynamic analysis by using cryptanalysis and related knowledge as much as possible. To illustrate how it works, we present three case studies taken from a large Brazilian company that was victimized by directed attacks focused on stealing information from special-purpose hardware used in its environment.
Keywords: malware; cryptanalysis; reverse engineering; stolen information

MDPI and ACS Style

Uto, N. A Methodology for Retrieving Information from Malware Encrypted Output Files: Brazilian Case Studies. Future Internet 2013, 5, 140-167.

AMA Style

Uto N. A Methodology for Retrieving Information from Malware Encrypted Output Files: Brazilian Case Studies. Future Internet. 2013; 5(2):140-167.

Chicago/Turabian Style

Uto, Nelson. 2013. "A Methodology for Retrieving Information from Malware Encrypted Output Files: Brazilian Case Studies." Future Internet 5, no. 2: 140-167.

Future Internet EISSN 1999-5903 Published by MDPI AG, Basel, Switzerland