EOF Reader (C++)

March 2, 2020
Malware Detection, Microsoft, End Of File, EOF

EOF Reader is a tiny Visual C++ project designed to detect the presence of EOF (End Of File) data in valid 32-bit and 64-bit Portable Executable files. After creating a similar project in Pascal/Delphi, I decided to port the code to C++. Some antivirus software uses a similar technique to flag some malware generically. There are very few, if any, legitimate reasons to append data at the end of a PE file. ...

Manipulation and Detection of EOF

March 2, 2020
Delphi, Malware Detection, Microsoft, End Of File, EOF

Description: This Delphi unit demonstrates how to manipulate the EOF data of a valid Microsoft Windows Portable Executable (PE) file. EOF (End Of File) data is often used by malware authors to offer their malware users a way to edit the malware payload configuration (e.g. C2 information) without having access to the source code. You often encounter such techniques in: Remote Access Tool/Trojan (RAT), File Wrapper / Binder, Downloader, Loader / Botnets, but not only. ...