Sam Russellwww.lodsb.com·Nov 18, 2022Extracting VMProtect handlers with Binary NinjaI've started looking into the Adylkuzz malware, as mentioned by Tim Blazytko in his article on Automated Detection of Obfuscated Code. Initial analysis shows a TLS entry handler that dumps us straight into a VMProtect VMEnter() function, that looks l...3.3K readsGeneral ProgrammingAdd a thoughtful commentNo comments yetBe the first to start the conversation.