1 research outputs found
Analysis of a Specimen of Visual Basic Malware
Visual Basic platform is increasingly becoming popular amongst malware authors. This is due to the fact, Visual Basic malwares are more complicated to analyze and it can be used to avoid precise detection by most antiviruses. Conventional tools like IDA Pro and OllyDbg do not provide much help when it comes to analyzing Visual Basic binaries. Along with this, a malware author can add self-defined algorithms for obfuscation and encryption. This combination allows the malware authors to create a malware that would be difficult to discover and analyze. This study mainly focuses on the growing impact of Visual Basic binaries in the world of malware. Our major malware for discussion would be Vobfus, which is a VB-obfuscated sample that connects to a server to download other malware to the victim's machine. The analysis of Vobfus would be accompanied with analysis of a few other Visual Basic malware samples. In the end, a critique of the conventional malware analysis tools while analyzing Visual Basic malwares would be presented
