During an analysis, it can be really useful to know some common instructions with which malware, and more specifically shellcodes, achieve their goals. As we can imagine, these sets of common instructions could be used first to locate and later to analyze and/or to identify general threats: embedded or injected code.
In this article, we’ll focus on the identification and analysis of Metasploit and some custom shellcodes on the basis of parameters and information coming from brief research and personal experience.
more here..........http://blog.norsecorp.com/2015/02/24/in-memory-shellcode-detection-using-a-patterns-based-methodology/
In this article, we’ll focus on the identification and analysis of Metasploit and some custom shellcodes on the basis of parameters and information coming from brief research and personal experience.
more here..........http://blog.norsecorp.com/2015/02/24/in-memory-shellcode-detection-using-a-patterns-based-methodology/