Products & Services
I watched on TV a couple of days ago, Prisma Studio program and I would like to know what program Antti Tikkanen used decryption?
who the hell is Antti Tikkanen?..
This is Antti!
It would be nice if I could get the name of the program, so that I could research a computer that is full of viruses.
When was it exactly?
please check here http://www.katsomo.fi/?treeId=33001005
It doesn't come from the MTV3 it came YLE view it here : http://areena.yle.fi/video/1320346677150 look forward 11.10.
Does not show outside Suomi....
I guess we need to wait for Antti to reply himself...
I take screenshot, Yle have bad quality on internet videos.
oh my bad
sorry about Antti what I said...
In your screenshot I'm decrypting an embedded, encrypted program from the original sample. The tool you see is Immunity Debugger (http://immunityinc.com/products-immdbg.shtml). However, it isn't quite as straightforward as taking a malware sample and asking Immunity Debugger to decrypt it. In this case, I analyzed the sample a bit and found the decryption loop, and what you see is me stepping the malware though this loop. So you actually need to understand a bit about how the malware in question works to do this.
The other tool you see in the clip is the HIEW hex editor (http://www.hiew.ru/). I used it to decrypt the URL in the sample. For this to work, I had to reverse engineer the sample to recover the decryption routine. I then implemented the routine into HIEW to decrypt the string.
Hope this helps,
That help, but i got those programs names after your reply, because Prisma Studio was shown again today and i save it and look programs names, but still thanks.
Ps. I am 15 years old boy from Finland