History

CyberMonitor 1a3af10a4d 2019.04.19.Funky_malware_format		2019-04-23 09:56:08 +08:00
..
CMakeLists.txt	2019.04.19.Funky_malware_format	2019-04-23 09:56:08 +08:00
isfb_header.h	2019.04.19.Funky_malware_format	2019-04-23 09:56:08 +08:00
isfb_parser.cpp	2019.04.19.Funky_malware_format	2019-04-23 09:56:08 +08:00
isfb_parser.h	2019.04.19.Funky_malware_format	2019-04-23 09:56:08 +08:00
isfb_to_pe.cpp	2019.04.19.Funky_malware_format	2019-04-23 09:56:08 +08:00
isfb_to_pe.h	2019.04.19.Funky_malware_format	2019-04-23 09:56:08 +08:00
main.cpp	2019.04.19.Funky_malware_format	2019-04-23 09:56:08 +08:00
README.md	2019.04.19.Funky_malware_format	2019-04-23 09:56:08 +08:00
util.cpp	2019.04.19.Funky_malware_format	2019-04-23 09:56:08 +08:00
util.h	2019.04.19.Funky_malware_format	2019-04-23 09:56:08 +08:00

isfb_parser

Parses (and optionaly converts to PE) the custom executable format (PX) used by ISFB (Gozi v3) malware.

Samples: