Gone in (5x) Sixty Seconds

Robert Neumann, Virusbuster Ltd., Hungary

As the numper of packed malware is increasing daily, it is more and more important for one to be able to process it as quickly as possible. The tools are out there for the task, but often it's a tough decision what to use and how to use. In this presentation I will cover the basic principles of unpacking a known or yet unknown packed malware sample. The goal is to demonstrate that - almost - everything (be it as simple as Upack or as complicated as Themida) can be unpacked in 5 minutes if we choose the right approach.