W32/SkyAI uses AI? So do I.

Read it here https://cryptax.medium.com/w32-skyai-uses-ai-so-do-i-d33f04d63534

What's in there?

- Where the malware loads the AI prompt, and what for. And why it fails.
- How to de-obfuscate strings
- Which URLs the malware contacts (beware)
- How to find the encryption key with AI
- How to extract (and decrypt) the embedded PE
- R2ai tips when curl argument is too long
- How the malware checks if it's on a VM
- How much this analysis cost.

Enjoy!

#malware #analysis #r2ai #skynet #topozuy #skyai #AI

W32/SkyAI uses AI? So do I. - @cryptax - Medium

A new sample, named W32/SkyAI (or Topozuy, or Skynet), has recently emerged, showing use of an AI prompt bypass attempt. Perfect occasion to look into with … r2ai! It’s the Radare2 plugin for…
