#Rijndael Algorithm C | Explore Tumblr posts and blogs

pinerlucky · 3 years ago

Text

Block cipher

#BLOCK CIPHER DOWNLOAD#

Knudsen, L.R., Berson, T.: Truncated Differentials of SAFER. Hong, D., Sung, J., Hong, S., Lim, J., Lee, S., Koo, B.-S, Lee, C., Chang, D., Lee, J., Jeong, K., Kim, H., Kim, J., Chee, S.: HIGHT: A New Block Cipher Suitable for Low-Resource Device. Heys, H., Tavares, S.: Substitution-Permutation Networks Resistant to Differential and Linear Cryptanalysis. Heys, H.: A Tutorial on Differential and Linear Cryptanalysis, Available via Hell, M., Johansson, T., Meier, W.: Grain - A Stream Cipher for Constrained Environments.

#BLOCK CIPHER DOWNLOAD#

In: Presented at SASC 2007 (February 2007), Available for download via, Good, T., Chelton, W., Benaissa, M.: Hardware Results for Selected Stream Cipher Candidates. In: Proceedings of Third Advanced Encryption Standard Conference, National Institute of Standards and Technology, pp. Gilbert, H., Minier, M., Collision, A.: Attack on 7 Rounds of Rijndael. Available via, įeldhofer, M., Dominikus, S., Wolkerstorfer, J.: Strong Authentication for RFID Systems Using the AES algorithm. Springer, Heidelberg (2004)ĮCRYPT Network of Excellence: The Stream Cipher Project: eSTREAM. Springer, Heidelberg (1997)ĭiem, C.: The XL-Algorithm and a Conjecture from Commutative Algebra. Springer, Heidelberg (2002)ĭaemen, J., Knudsen, L.R., Rijmen, V.: The Block Cipher Square. Springer, Heidelberg (2002)ĭaemen, J., Rijmen, V.: The Design of Rijndael. Springer, Heidelberg (2000)Ĭourtois, N., Pieprzyk, J.: Cryptanalysis of Block Ciphers with Overdefined Systems of Equations. Springer, Heidelberg (2005)Ĭourtois, N., Klimov, A., Patarin, J., Shamir, A.: Efficient Algorithms for Solving Overdefined Systems of Multivariate Polynomial Equations. Springer, Heidelberg (2005)Ĭid, C., Murphy, S., Robshaw, M.J.B.: Small Scale Variants of the AES. Available via, Ĭid, C., Leurent, G.: An Analysis of the XSL Algorithm. Springer, Heidelberg (2006)ĭe Cannière, C., Preneel, B.: Trivium. Springer, Heidelberg (2000)īiryukov, A., Mukhopadhyay, S., Sarkar, P.: Improved Time-memory Trade-offs with Multiple Data. Springer, Heidelberg (1998)īiryukov, A., Wagner, D.: Advanced Slide Attacks. Springer, Heidelberg (1993)īiham, E., Knudsen, L.R., Anderson, R.J.: Serpent: A New Block Cipher Proposal. Springer, Heidelberg (1994)īiham, E., Shamir, A.: Differential Cryptanalysis of the Data Encryption Standard. Springer, Heidelberg (2001)īiham, E.: New Types of Cryptanalytic Attacks Using Related Keys. Aoki, K., Ichikawa, T., Kanda, M., Matsui, M., Moriai, S., Nakajima, J., Tokita, T.: Camellia: A 128-Bit Block Cipher Suitable for Multiple Platforms - Design and Analysis.

#Block cipher

0 notes

siva3155 · 6 years ago

Text

300+ TOP CISSP Objective Questions and Answers

CISSP Multiple Choice Questions :-

1. When an attacker sends unsolicited communication, it is an example of: A. Spoofing B. Spamming C. Crackers D. Sniffers ANS:- B 2. Masquerading is: A. Attempting to hack a system through backdoors to an operating system or application B. Pretending to be an authorized user C. Always done through IP spoofing D. Applying a subnet mask to an internal IP range ANS:- B 3. Integrity is protection of data from all of the following EXCEPT: A. Unauthorized changes B. Accidental changes C. Data analysis D. Intentional manipulation ANS:- C 4. A security program cannot address which of the following business goals? A. Accuracy of information B. Change control C. User expectations D. Prevention of fraud ANS:- A 5. In most cases, integrity is enforced through : A. Physical security B. Logical security C. Confidentiality D. Access controls ANS:- D 6. A “well-formed transaction” is one that: A. Has all the necessary paperwork to substantiate the transaction. B. Is based on clear business objectives. C. Ensures that data can be manipulated only by a specific set of programs. D. Is subject to duplicate processing. ANS:- C 7. In an accounting department, several people are required to complete a financial process. This is most likely an example of: A. Segregation of duties B. Rotation of duties C. Need-to-know D. Collusion ANS:- A 8. Risk Management is commonly understood as all of the following EXCEPT: A. Analyzing and assessing risk B. Identifying risk C. Accepting or mitigation of risk D. Likelihood of a risk occurring ANS:- D 9. The percentage or degree of damage inflicted on an asset used in the calculation of single loss expectancy can be referred to as: A. Exposure Factor (EF) B. Annualized Rate of Occurrence (ARO) C. Vulnerability D. Likelihood ANS:- A 10. The absence of a fire-suppression system would be best characterized as a(n): A. Exposure B. Threat C. Vulnerability D. Risk ANS:- C

CISSP MCQs 11. Risk Assessment includes all of the following EXCEPT: A. Implementation of effective countermeasures B. Ensuring that risk is managed C. Analysis of the current state of security in the target environment D. Strategic analysis of risk ANS:- A 12. A risk management project may be subject to overlooking certain types of threats. What can assist the risk management team to prevent that? A. Automated tools B. Adoption of qualitative risk assessment processes C. Increased reliance on internal experts for risk assessment D. Recalculation of the work factor ANS:- A 13. Data classification can assist an organization in: A. Eliminating regulatory mandates B. Lowering accountability of data classifiers C. Reducing costs for protecting data D. Normalization of databases ANS:- C 14. Who “owns” an organization’s data? A. Information technology group B. Users C. Data custodians D. Business units ANS:- D 15. An information security policy does NOT usually include: A. Authority for information security department B. Guidelines for how to implement policy C. Basis for data classification D. Recognition of information as an asset of the organization ANS:- B 16. The role of an information custodian should NOT include: A. Restoration of lost or corrupted data B. Regular backups of data C. Establishing retention periods for data D. Ensuring the availability of data ANS:- C 17. A main objective of awareness training is: A. Provide understanding of responsibilities B. Entertaining the users through creative programs C. Overcoming all resistance to security procedures D. To be repetitive to ensure accountability ANS:- A 18. What is a primary target of a person employing social engineering? A. An individual B. A policy C. Government agencies D. An information system ANS:- A 19. Social engineering can take many forms EXCEPT: A. Dumpster diving B. Coercion or intimidation C. Sympathy D. Eavesdropping ANS:- D 20. Incident response planning can be instrumental in: A. Meeting regulatory requirements B. Creating customer loyalty C. Reducing the impact of an adverse event on the organization D. Ensuring management makes the correct decisions in a crisis ANS:- C CISSP Objective type Questions with Answers 31) Asymmetric key cryptography is used for all of the following except: A. Encryption of data B. Access control C. Nonrepudiation D. Steganography ANS:- D 32) The most common forms of asymmetric key cryptography include A. Diffie–Hellman B. Rijndael C. Blowfish D. SHA-256 ANS:- A 33) What is an important disadvantage of using a public key algorithm compared to a symmetric algorithm? A. A symmetric algorithm provides better access control. B. A symmetric algorithm is a faster process. C. A symmetric algorithm provides nonrepudiation of delivery. D. A symmetric algorithm is more difficult to implement. ANS:- B 34) When a user needs to provide message integrity, what options may be best? A. Send a digital signature of the message to the recipient B. Encrypt the message with a symmetric algorithm and send it C. Encrypt the message with a private key so the recipient can decrypt with the corresponding public key D. Create a checksum, append it to the message, encrypt the message, then send to recipient. ANS:- D 35) A certificate authority provides what benefits to a user? A. Protection of public keys of all users B. History of symmetric keys C. Proof of nonrepudiation of origin D. Validation that a public key is associated with a particular user ANS:- D 36) What is the output length of a RIPEMD-160 hash? A. 160 bits B. 150 bits C. 128 bits D. 104 bits ANS:- A 37) ANSI X9.17 is concerned primarily with A. Protection and secrecy of keys B. Financial records and retention of encrypted data C. Formalizing a key hierarchy D. The lifespan of key-encrypting keys (KKMs) ANS:- A 38) When a certificate is revoked, what is the proper procedure? A. Setting new key expiry dates B. Updating the certificate revocation list C. Removal of the private key from all directories D. Notification to all employees of revoked keys ANS:- B 39) What is not true about link encryption? A. Link encryption encrypts routing information. B. Link encryption is often used for Frame Relay or satellite links. C. Link encryption is suitable for high-risk environments. D. Link encryption provides better traffic flow confidentiality. ANS:- C 40) A_________ is the sequence that controls the operation of the cryptographic algorithm . A. Encoder B. Decoder wheel C. Cryptovariable D. Cryptographic routine ANS:- C 41) The process used in most block ciphers to increase their strength is A. Diffusion B. Confusion C. Step function D. SP-network ANS:- D 42) The two methods of encrypting data are A. Substitution and transposition B. Block and stream C. Symmetric and asymmetric D. DES and AES ANS:- C 43) Cryptography supports all of the core principles of information security except A. Availability B. Confidentiality C. Integrity D. Authenticity ANS:- D 44) A way to defeat frequency analysis as a method to determine the key is to use A. Substitution ciphers B. Transposition ciphers C. Polyalphabetic ciphers D. Inversion ciphers ANS:- C 45) The running key cipher is based on A. Modular arithmetic B. XOR mathematics C. Factoring D. Exponentiation ANS:- A 46) The only cipher system said to be unbreakable by brute force is A. AES B. DES C. One-time pad D. Triple DES ANS:- C 47) Messages protected by steganography can be transmitted to A. Picture files B. Music files C. Video files D. All of the above ANS:- D 48) a significant action has a state that enables actions on an ADP system to be traced to individuals who may then be held responsible. The action does NOT include : A. Violations of security policy. B. Attempted violations of security policy. C. Non-violations of security policy. D. Attempted violations of allowed actions. ANS:- D 49) Which of the following embodies all the detailed actions that personnel are required to follow? A. Standards B. Guidelines C. Procedures D. Baselines ANS:- C 50) which of the following choices is NOT part of a security policy? A. definition of overall steps of information security and the importance of security B. statement of management intend, supporting the goals and principles of information security C. definition of general and specific responsibilities for information security management D. .description of specific technologies used in the field of information security ANS:- D CISSP Questions and Answers pdf Download Read the full article

0 notes

comp6841blogforme-blog · 6 years ago

Text

Advanced Encryption Standard (AES)

AES is also known as by is original name Rijndael after its developers Vincent Rijmen and John Daemen. AES is a block cipher that uses a 128-bit block known as the state. The state is organised as a 32*32 bit array (or a 4*4 bytes). It goes through 10 rounds of encryption. The key for AES has multiple key lengths for greater security but worse performance. The key lengths are 128, 192 and 256-bits. Most computers and specialised hardware to use AES.

Method

Key Expansion - derives the round keys from the using Rijndael’s key schedule from the main key, so each round has a 128 bit round key. This is done at the beginning and not every round.

Substitute Bytes - Each byte in the state is substituted by using a look-up table of a Rijndael s-box. This create confusion in the algorithm relationships.

Shift Rows - each element in the state is shifted down a number (of its row) index of column. This is the first step in creating diffusion

Mix Columns - Each byte in a column of the state is mixed up using a function created by Rijndael. This is the second step of diffusion and means that the output from a round depends on output from the previous round. This step is not done in the final round.

Add Round Key - each byte of the state is XORed with its corresponding byte in the round key

click here for an easy to follow description of how AES enciphers a block.

The Key Expansion is the most important step of the cipher because it is the only part of the algorithm that has unknown information to an attacker. The round keys all derive from the main secret key and so are also unknown to an attacker where as the rest of the steps are completely known to an attacker.

Add Round Key

The other functions are still necessary though, because just doing the Add Round is essentially a substitution and XORing more than once would also be redundant and it would be a weak cipher. This is because every byte in a block does not move from its position, so an attacker just has to crack each byte. There are 2^8 possible combinations for a byte of plaintext and 2^8 possible bytes for the plaintext too and 16 (i.e. 2^4) bytes in a block, therefore to brute force 1 block it would take 19 bits of work ( 2^8 * 2^8 * 2^4 /2 = 2^19) on average. As the average desktop computer can do 31-bits of work a second, so it could crack the average e-mail (75KB or 2^12 blocks) encrypted like this in a second.

Mix Columns and Shift Rows

The Mix Columns function creates makes each byte in a column dependent on each other so an attacker cannot treat the 128-bit block as 16 independent bytes but rather as 4 32-bit blocks.

The Shift Rows function mixes the bytes of each column so an attacker cannot treat a 128-bit block as 4 32-bit blocks as each byte of a column would only depend on the other bytes in its column. So instead of needed to brute force a 128-bit key, an attacker would just need to brute-force 4 (i.e. 2^2) 32-bit keys, which is only 33-bits of work (2^32 * 2^2 / 2 = 2^33). An average desktop would be able to crack a block in a few seconds.

So these two functions working together ensure that to brute force AES, an attacker needs to do 127-bits of work (128-bit key).

Substitute Bytes

Having this function ensure the cipher is no longer a linear/Affine transformation. If the cipher was affine then it could be represented in the form c = Ap + k, where c = cipher text (128 size vector), p = plain text (128 size vector), A = 128*128 matrix and k is a constant that depends on the key. The matrix A is dependent on the shift rows and mix columns functions, both of which are known to everyone and can therefore be pre-calculated. If an attacker can then crack one cipher text block by guessing the plaintext then k can be calculated because k = c - Ap. (e.g. the cipher text is an email and the sender’s has the same sign-off like “sent from my iphone” and the attacker can estimate the location of that plaintext in the cipher text, then the attacker has a matching plaintext block and cipher text block)

The Number of Rounds

Increasing the number of rounds AES goes through increases the amount of confusion and diffusion because it goes through more substitution and more shifting and mixing. The 128-bit key uses 10 rounds because there are ways to crack 6 round versions of AES so Rijdael said “We added 4 rounds as a security margin”. The extra 4 rounds also means that the technique used to crack the 6 round version, increasingly expensive.

The reason the 192-bit and 256-bit keys use more rounds is because techniques that can crack the cipher in less than brute force can afford to be less efficient with longer keys. If a technique that can crack the 128-bit key in 100 bits of work (quicker than brute force) and that same technique can crack 10 round 192-bit key in 155-bits of work as well as cracking 10 round 256-bit key in 215 bits of work, although is less efficient at cracking the longer keys, it still increases bits of worked not needed compared to brute force.

Weaknesses

As AES is a symmetric key cipher, it does not scale well as the size of the network increases as n^2 keys are needed to be shared and kept by everyone in the network. This problem can be overcome by using a cipher that uses public-private keys like RSA to encrypt the small key for the AES, reducing the number of keys needed in a network to 2n

There have been some theoretical attacks have been published but they do not reduce the work enough to make it feasible. Some also are not that practical, like needing to know the plaintext to crack the cipher-text, which could be useful if you want prove that some else received the same file or two users repeatedly use the same key and you had the plain text of one of the messages.

Considering there have been a number of theoretical break, it is probably a good idea to start looking for a new algorithm to encrypt and decrypt now, because it is uncertain how quickly more advances will be discovered.

Common Uses

It was chosen by the NIST as the new standard for encryption after DES. It is therefore used by all US federal government departments. The NSA has approved the 128, 192 or 256-bit keys for “secret” level information but only the 192 or 256-bit keys for “top secret” level information. The reason for using the longer keys for top secret seems to be to protect against a partially known key.

As the longer the key is, the more work an attacker still has to do to crack the rest of the key because if an attacker knew 64-bits of the key, they would still have to over 127-bits of work for the 192-bit and 256-bit keys.

Sources

https://csrc.nist.gov/csrc/media/projects/cryptographic-standards-and-guidelines/documents/aes-development/rijndael-ammended.pdf

https://www.openlearning.com/courses/securityengineering19t2/modules/7/aes/

https://searchsecurity.techtarget.com/definition/Advanced-Encryption-Standard

https://www.eetimes.com/document.asp?doc_id=1279619

https://en.wikipedia.org/wiki/Advanced_Encryption_Standard

https://eprint.iacr.org/2011/449.pdf

https://www.nist.gov/publications/advanced-encryption-standard-aes

http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html

https://medium.com/@weblab_tech/encrypted-client-server-communication-protection-of-privacy-and-integrity-with-aes-and-rsa-in-c7b180fe614e

https://www.quora.com/What-is-todays-average-computer-processing-speed

https://crypto.stackexchange.com/questions/20228/consequences-of-aes-without-any-one-of-its-operations

https://en.wikipedia.org/wiki/Rijndael_key_schedule

https://en.wikipedia.org/wiki/Rijndael_S-box

https://en.wikipedia.org/wiki/Rijndael_MixColumns

https://crypto.stackexchange.com/questions/2648/how-were-the-number-of-rounds-for-different-key-sizes-of-aes-selected

https://csrc.nist.gov/csrc/media/projects/cryptographic-standards-and-guidelines/documents/aes-development/rijndael-ammended.pdf

0 notes

wentzwu · 5 years ago

Text

CISSP PRACTICE QUESTIONS – 20200716

You are evaluating the one-time password (OTP) solutions and a vendor proposed two models of OTP tokens. One solution is synchronous; the other is asynchronous. Which of the following the primary cryptographic algorithms used in the synchronous solution to generate passwords? A. Lucifer B. Rijndael C. HMAC D. Clock timer

(more…)

View On WordPress

0 notes

terabitweb · 6 years ago

Text

Original Post from Security Affairs Author: Pierluigi Paganini

One of the latest trends for the attackers is to leverage the ISO files to avoid detection, the technique has also been used in a recent Hawkeye campaign.

Introduction

As we described in our previous post, one of the latest trends for the attackers is to leverage the ISO files in order to reduce detection chances. This technique has also been used by a recent Hawkeye spreading campaign.

“Hawkeye Keylogger” is an info-stealing malware for sale in the dark-web. Anyone can easily subscribe to the malware service by paying a fee. It has been in continuous development at least since 2013 and the malware authors behind Hawkeye have improved the malware service adding new capabilities and techniques. It can collect credentials from various applications, mostly email clients, web browser and FTP clients, and send them to the crooks via various protocols such as FTP, HTTP, and SMTP.

So, our Cybaze-Yoroi ZLAB decided to take a look at this recent Hawkeye attack, tacking its anti-analysis protection and the anti-debugging techniques enforced by the Visual Basic packer used by the crooks.

Technical Analysis

The delivered file is an ISO image. Inside of it, there is a bat file, but actually is a well formed PE file. So, we can extract the “bat” file and replace its extension in “exe”.

Figure 1: Fake .bat file inside the ISO archive

Hash 32951a56e3fcd8f5b006c0b64ec694ddf722eba71e2093f7ee90f57856941f3d Threat Hawkey Spyware Brief Description Hawkey Spyware inside a Visual Basic Packer Ssdeep 12288:GVwYvwrMkE9LfRUXkpW7zGidwY/rwxOp8mH:COrI9zRUJfGCfzw0

Table 1: Information about the PE file inside the ISO image

The ISO file has low AV detection rate, but only by extracting the executable from the ISO image, the rate raises:

Figure 2: AV Detection of the ISO compressed file (left) and of the extracted file (right)

The PE file is packed with a Visual Basic 5.0 stub. It has the duty to protect the core of the malware and complicate the analysis:

Figure 3: Visual Basic packer evidence

As seen above, the malware is written in Visual Basic 5.0. So it is possible to decompile the malware through the use of the ad-hoc decompilers.

Figure 4: Visual Basic code decompilation in P-Code

The decompiled code has been translated in P-Code and it is quite obfuscated in the same way. The only solution to obtain more information about the infection mechanisms is to debug the program.

The first trick to complicate the analysis is to dynamically create a new memory section where inject some code, through the use of the “VirtualAlloc” function. The malware decodes some a piece of code, and choose a random new virtual address space to alloc memory, in this case “0x00260000” loaded into the EAX register.

Figure 5: Memory allocation through the VirtualAlloc API

The GetTickCount Anti-Debug Technique

After the context switch inside the new allocated area, the malware adopts the well known “GetTickCount()” anti-debug technique. According to the MSDN documentation, GetTickCount retrieves the number of milliseconds that have elapsed since the system was started, up to 49.7 days. This API call is used by the malicious actors to retrieve the time of the execution of the process, and if it is higher than a preset threshold, the malware terminates its execution:

Figure 6: GetTickCount routine a new address space

The first malicious action of the created address space is the invoking of the GetTickCount API and the result is:

Figure 7: GetTickCount result in EAX register

The result of the GetTickCount function is stored in EAX register. After doing some other decrypting operations, the malware invokes it another time.

Figure 8: GetTickCount subtraction anti-debug trick

After the second invocation of GetTickCount, there is immediately the subtraction of the two values and it is placed in EAX register. The next instruction is a comparison between the EAX register and a preset threshold value, “0x5DC”, which is 1500 in decimal representation. According to the Microsoft documentation, the resolution of the GetTickCount function is 10ms, thus we can deduce that the decided threshold by the cyber criminal is 15 seconds. After understood the trick, it quite easy to bypass and go on to analyze the sample.

Figure 9: ShellExecute routine to run the payload

The malware allocates another memory space to write an entire file with the MZ header and it is opened through the “ShellExecute” API function. Dumping the process in this moment, another piece of code hidden in a resource, which did not exist before the anti-debug trick, emerges:

Figure 10: Resource comparison between the original exe and the self-modified exe

As shown in the above figure, the original file (on the left) presents as resources only the icons and the manifest, instead the self-manipulated file presents a resource called “RCData” with a resource named “__”. It is the encrypted final payload.

Figure 11: Malicious resource retrieving routine

In order to protect itself and to make more difficult the analysis, the malware respawns itself through the “CreateProcessInternalW” API call:

Figure 12: Execution routine of the final payload

Now the real payload is ready to be self-decrypted with a custom internal routine.

Figure 13: Decoding routine of the final payload

After the decryption routine, the malware copies this new code into another piece of memory through the “memcpy” function. Moreover, in order to validate the correct extraction of the payload, the malware checks if the first two bytes of the memory spare are “0x5A4D” which is “MZ” in ASCII code.

Figure 14: Validation check of the correct decoding of the final payload

Dumping the file, the real payload is unveiled.

The Payload

The extracted payload is a PE file compiled in .NET C# language with the following static information:

Hash a3aa6e220591f05f4e2ecc4f4741ac6b6715ebb2b5c42c2b7bb52142c54be30b Threat Hawkey Spyware Brief Description Hawkey Spyware obfuscated payload Ssdeep 6144:HuXT5iKKhhSHCMA2g22fB1YbcLetS7iz+K3hk:OXtxc/r1fXrwgil3h

Table 2: Static information about the final payload

The payload sample is obfuscated with the .NET Reactor tool, but the cleared version can be easily restored:

Figure 15: Usage of .NET Reactor obfuscator evidence

Below some static information of the final payload is reported:

Hash a848c84a1306ea7cc4704eced4067db1012c0bf1b9b65f8c04a8379d71464eaa Threat Hawkey Spyware Brief Description Hawkey Spyware clear payload Ssdeep 6144:37iz+K3hkCAg3JhmkuEFZ+1WjsroyGh0DBabr:Lil3hdhmOF

Table 3: Static information about the cleared version of the final payload

Due to the fact that the payload is written in .NET framework, it is possible to debug the code in order to retrieve all the details of this new sample. The debugging of the sample lets emerge the attribution of the malware, HawkEye.

Figure 16: Recurrent string decryption routine through the usage of Rijndael algorithm

Every sensitive information, string or other information is encrypted through Rijndael algorithm, as shown in figure 16. Before starting any operation, the malware tries to make a simple evasion trick. It retrievers the username of the victim machine and it compares this one with a series of usernames hardcoded. These usernames are the classical ones adopted by the sandboxes and if one of them is matched, probably the malware is run inside a virtual machine.

Figure 17: Sandbox evasion trick

After the simple check, the info stealer starts to perform its malicious operations. The first malicious operation is the persistence mechanism adopted by the malware:

Figure 18: Persistence mechanism

The persistence is guaranteed through the setting of the classic registry key “HKCUSoftwareMicrosoftWindowsCurrentVersionRun” with the value “C:UsersAdminAppDataRoamingMyAppMyApp.exe”, having already copied itself in this path. However, it’s important to say that if the malware is launched from the original wrapper, it copies in the “MyApp” path the entire executable, because the payload is executed inside the wrapper process as a thread; instead if only the final payload is executed, only this part is stored.

Figure 19: Task Manager disabling

A particular auto-protection mechanism adopted by the malware is the disabling the possibility to open the Task Manager process from the user, through the setting of the highlighted registry key in the Figure 19. At this point the malware can start the information stealing routines.

Figure 20: Password retrieving routine from Internet Explorer

The first information retrieved is the password stored inside Internet Explorer through the routine described in the above figure. This is only the starting point: it retrieves all sensitive data and login data from a large list of browsers. A little example is shown in the following figure:

Figure 21: Piece of the browser list harvested by the malware

Below, the complete list:

Google Chrome

Yandex

Comodo Dragon

Cool Novo

Chromium

Torch Browser

7Star

Amigo

Brave

Cent Browser

Chedot

Coccoc

Elements Browser

Epic Privacy

Kometa

Orbitum

Sputnik

Uran

Vivaldi

UC Browser

Flock Browser

In the same way, the malware looks for other credentials coming from other services, like CoreFTP, FileZilla and JDownloader. The last information stolen by the malware is the registered email accounts on the victim machine. The searched email clients are:

Outlook

SeaMonkey

Postbox

Thunderbird

Now, we wanted to deepen the password gathering routine of the malware on the Microsoft Outlook application. So, we created a fake account and we logged on the Microsoft email account software.

Figure 22: Registry key where it is stored the Microsoft Outlook client user configuration

Themalware retrieves a particular registry key: “HKCUSoftwareMicrosoftWindows NTCurrentVersionWindows Messaging SubsystemProfilesOutlook”. Inside of it is stored the configuration of the Microsoft Outlook user profile.

Figure 23: Outlook password decryption routine

The method “smethod_50” in figure 23 shows how is simple to decrypt the password saved in that registry key: it is enough retrieve the array of bytes and use it as parameter, together with the CurrentUser DataProtectionScope, to the static method provided from the .NET framework, “ProtectedData.Unprotect()”. After that, the harvested information are collected in a list, ready to be sent to the server.

Figure 24: Creation of the list of the gathered accounts

The last action is properly the preparation to send the information to the recipient. As the classic HawkEye malware, the communication protocol designed to transmit the stolen info is SMTP. For this reason the malware needs to use the API provided by the .NET framework in order to instantiate an SMTP client. Debugging until the right point, the malware configuration are revealed:

Figure 25: SMTP client account configuration

Conclusion

Hawkeye is nowadays a well known threat. The security firms analyzed in an excellent way the malware and all the infection chain, but this sample, like our latest ones, has the peculiarity to be protected by a complex and evasive packer.

In the last two posts we saw a tough Delphi packer to analyze, but also this one has some points to analyze that make challenging the reverse engineering process for the analyst. In the end, we were able to dissect all the malware chain revealing the threat actor exfiltration address.

Further technical details, including IoCs and Yara rules are reported in the analysis published on the Yoroi blog:

https://blog.yoroi.company/research/anti-debugging-techniques-from-a-complex-visual-basic-packer/

window._mNHandle = window._mNHandle || {}; window._mNHandle.queue = window._mNHandle.queue || []; medianet_versionId = "3121199";

try { window._mNHandle.queue.push(function () { window._mNDetails.loadTag("762221962", "300x250", "762221962"); }); } catch (error) {}

Pierluigi Paganini

(SecurityAffairs – anti-debugging, malware)

The post Anti-Debugging Techniques from a Complex Visual Basic Packer appeared first on Security Affairs.

#gallery-0-6 { margin: auto; } #gallery-0-6 .gallery-item { float: left; margin-top: 10px; text-align: center; width: 33%; } #gallery-0-6 img { border: 2px solid #cfcfcf; } #gallery-0-6 .gallery-caption { margin-left: 0; } /* see gallery_shortcode() in wp-includes/media.php */

Go to Source Author: Pierluigi Paganini Anti-Debugging Techniques from a Complex Visual Basic Packer Original Post from Security Affairs Author: Pierluigi Paganini One of the latest trends for the attackers is to leverage the ISO files to avoid detection, the technique has also been used in a recent Hawkeye campaign.

#Security Affairs blog

0 notes