Archive

Posts Tagged ‘malicious flash analysis’

Extracting flash from memory.

March 13, 2016 Leave a comment

I got one flash sample which belonged to a exploit kit. i found that this flash contained multiple exploit and was packed using swfpack. so was thinking of a way so that i can extract all the exploits from it. its pretty simple, just run the flash exploit file in IE using a webserver and use process scan option of swfscan. you can get all the swf files from the memory 🙂

frommemory

 

i will try to post a detailed analysis of exploits if time permits.

%d bloggers like this: