Virtual Deobfuscator - a DARPA Cyber Fast Track funded effort

No ratings

Presented at BlackHatUSA 2013 by

Jason Raber

While there has been a lot research done on automatically reverse engineering of virtualization obfuscators, there has been no approach that did not require a lot of man-hours identifying the bytecode (static approaches) or a complete recreation of the bytecode back to original source form (dynamic approaches). The tool I created, Virtual Deobfuscator, will require no static man-hours reversing for the bytecode location or how the VM interpreter works, and will recreate instructions nearly equivalent to the original instructions.