Code Deobfuscation Services
Mossé Security can deobfuscate malware samples developed by Advanced Persistent Threats.
-
Defeat code-level obfuscation techniques to recover the original high-level code
-
Recover protected data such as IP addresses, domain names, keys and other strings
-
Recover the original malware architecture prior to its obfuscated state
-
Produce high-fidelity descriptions of what protected software code does
Code Protection Techniques
Here's a list of common code protection techniques employed by sophisticated adversaries:
-
Control Flow Flattening
-
Dead Code
-
Disaligned Branches
-
Function argument randomisation
-
Garbage Insertion
-
Instruction Substitution
-
Merging and Splitting Functions
-
Mixed Boolean Arithmetics
-
Opaque Predicates
-
Split and Merge Variables
-
Virtual Machine Hardening
-
Virtualisation Obfuscation
Our Certifications
Our team undertakes 2,000+ hours of pre-deployment training per year. Here are some of the certifications we hold and maintain: