Malware is the main SECRET research line, so SECRET researchers are
often reverse engineering malware samples. A key SECRET principle is
to rely strongly on in-house developed analysis tools. Here we share
some of the SECRET-developed tools.
A daily task at SECRET is to perform binary static analysis to identify
a sample's basic characteristics. For this task, we developed our own
set of bash scripts:
When malware samples are obfuscated to hide their malicious payloads,
we rely on dynamic analysis to inspect them. Samples are executed
in our own sandbox solution. Additional information about its internal
workings can be found here.