I watched the Prisma Studio program on TV a couple of days ago, and I would like to know what program Antti Tikkanen used for decryption?
In your screenshot I'm decrypting an embedded, encrypted program from the original sample. The tool you see is Immunity Debugger (http://immunityinc.com/products-immdbg.shtml). However, it isn't quite as straightforward as taking a malware sample and asking Immunity Debugger to decrypt it. In this case, I analyzed the sample a bit and found the decryption loop, and what you see is me stepping the malware through this loop. So you actually need to understand a bit about how the malware in question works to do this.
The other tool you see in the clip is the HIEW hex editor (http://www.hiew.ru/). I used it to decrypt the URL in the sample. For this to work, I had to reverse engineer the sample to recover the decryption routine. I then implemented the routine into HIEW to decrypt the string.
Hope this helps,
who the hell is Antti Tikkanen?..
This is Antti!
It would be nice if I could get the name of the program, so that I could research a computer that is full of viruses.
When was it exactly?
please check here http://www.katsomo.fi/?treeId=33001005
It doesn't come from MTV3, it came from YLE. View it here: http://areena.yle.fi/video/1320346677150 and look forward to 11.10.
Does not show outside Suomi....
I guess we need to wait for Antti to reply himself...
I took a screenshot, Yle has bad quality on internet videos.
oh my bad
Sorry about what I said about Antti...
That helps, but I got those programs' names after your reply, because Prisma Studio was shown again today and I saved it and looked up the programs' names, but still thanks.
PS. I am a 15-year-old boy from Finland.