Taking down Gooligan: part 2 — inner workings
Elie
MARCH 17, 2018
This file is encrypted with a hardcoded [XOR encryption] function. This file is encrypted with a hardcoded [XOR encryption] function. This encryption is used to escape the signatures that detect the code that Gooligan borrows from previous malware. since at least 2011. back in 2011. first post.
Let's personalize your content