We added support for detecting executables ciphered with bitwise shift ciphers - ROR (shift right) and ROL (shift left) which was first reported from a sample from Mila's blog (contagiodump). Bitwise shifts are similar to multiple or division by 2's. This sample used a shift left of one position (rol 1) along with a 256byte XOR key.
Update: numbers-to-string.py Version 0.0.9
-
This is just a bugfix version (Python 3). numbers-to-string_v0_0_9.zip
(https) MD5: C5629F102FCF58E5CFF24472D35AFF22 SHA256:
5B1CA43EDFD7BA66CF44FB552BD788...
2 hours ago