1 |
C.Collberg, C.Thomborson, and D. Low, "A taxonomy of obfuscating transformations," Department of Computer Science, The University of Auckland, New Zealand, 1997.
|
2 |
Gyeong-Ryul Lee, Heong-Jun Yuk, Gang-Bin Im, Il-Seon Yu, "Trends in obfuscation technology for software security." Communications of the Korean Institute of Information Scientists and Engineers. 34(1):22-27. 2016.
|
3 |
LCF-AT, "Themida+WinLicense 2.x (Unpacking)," Jul. 2013 (also see https://tuts4you.com/download.php?view.3495)
|
4 |
LCF-AT, "Themida+WinLicense 2.x (Ultra Unpacker v1.4)", Jan. 2014. (also see http://tuts4you.com/download.php?view.3526)
|
5 |
Seong-Kyun Mok, Hyeon-gu Jeon and Eun-Sun Cho, "Program Slicing for Binary code Deobfuscation," Journal of the Korea Institute of Information Security & Cryptology, 27(1), pp. 59-66, 2017.
DOI
|
6 |
B.Yadegari, B.Johannesmeyer, B.Whitely and S.Debray, "A generic approach to automatic deobfuscation of executable code," IEEE Symposium on Security and Privacy, pp. 674-691, 2015.
|
7 |
Min-Gyung Kang, P.Poosankam and H.Yin, "Renovo: A hidden code extract or for packed executables," Proceedings of the 2007 ACM workshop on Recurring malcode. ACM, pp. 46-53, 2007.
|
8 |
Jae-hwi Lee, Jae-hyeok Han, Min-wook Lee, Jae-mun Choi, Hyun-woo Baek and Sang-jin Lee, "A Study on API Wrapping in Themida and Unpacking Technique," Journal of the Korea Institute of Information Security & Cryptology, 27(1), pp. 67-77, Feb, 2017.
DOI
|
9 |
https://www.fireeye.com/blog/threat-research/2019/10/lowkey-hunting-for-the-missing-volume-serial-id.html
|
10 |
Jae-hwi Lee, Byung-hee Lee, Sang-hyun Cho. "A Study on the Analysis Method to API Wrapping that Difficult to Normalize in the Latest Version of Themida." Journals of the Korea Institute Of Information Security And Cryptology, 29(6), 1375-1382, 2019.
|
11 |
https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Winnti.pdf
|
12 |
Soon-Gohn Kim. "Code Automatic Analysis Technique for Virtualization-based Obfuscation and Deobfuscation", Journal of Korea Institute of Information, Electronics, and Communication Technology, 11(6), 724-731, 2018.
DOI
|
13 |
Pin: Chi-Keung Luk Robert Cohn Robert Muth Harish Patil Artur Klauser Geoff Lowney Steven Wallace Vijay Janapa Reddi Kim Hazelwood, Building Customized Program Analysis Tools with Dynamic Instrumentation, page 190-192.
|
14 |
You-jin Kang, Moon Chan Park, Dong Hoon Lee. "Implementation of the Automated De-Obfuscation Tool to Restore Working Executable." Journals of the Korea Institute Of Information Security And Cryptology, 27(4), 785-802, 2017.
|