Tag: rich headers

VB2019 paper: Rich headers: leveraging the mysterious artifact of the PE format

When analysing malware, especially if it’s new and rare, researchers look for every possible clue that could give them details on the context and perhaps help them find similar samples. One such clue could be what has been called ‘rich headers’, an undocumented chunk of data inside PE files. In a paper presented at VB2019…

January 31, 2020

VB2019 paper: Rich headers: leveraging the mysterious artifact of the PE format