Obfuscation vs the Optimizer: An LLVM Middle-End Arms Race
ATT&CK techniques detected
T1027.002Software Packing
86%
"and the folding happens line by line : 0x00400000 b0ff mov al, 0xff 0x00400002 3428 xor al, 0x28 { 0xd7 } 0x00400004 0c9b or al, 0x9b { 0xdf } 0x00400006 2441 and al, 0x41 0x00400008 b16e mov cl, 0x6e 0x0040000a 80e128 and cl, 0x28 0x0040000d 31d2 xor edx, edx { 0x0 } 0x0040000f …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
How one Commit Broke Obfuscation: A blog post exploring the role of compilers and optimizations in the field of obfuscation and de-obfuscation.