Labeless Part 3: How to Dump and Auto-Resolve WinAPI Calls in LockPos Point-of-Sale Malware
In this part we show how to automatically resolve all WinAPI calls in malicious code dump of LockPoS Point-of-Sale malware. Instead of manually reconstructing a corrupted Import Address Table we simply extract a target portion of code in the research database with all the calls present in it. We also demonstrate how to automatically propagate… Click to Read More
The post Labeless Part 3: How to Dump and Auto-Resolve WinAPI Calls in LockPos Point-of-Sale Malware appeared first on Check Point Research.
You may also like
Patch Now: Check Point Research Explains Shadow Pad, NailaoLocker, and its Protection
A newly identified threat activity cluster leveraged the already-patched Check ...
Cyber Criminals Using URL Tricks to Deceive Users
Overview: In a newly observed scam, Check Point researchers found ...
Check Point’s SASE Tops Scores for Threat Prevention
Known malware is dangerous, but the real risk lies in ...
January 2025’s Most Wanted Malware: FakeUpdates Continues to Dominate
Check Point Software’s latest threat index highlights that FakeUpdates continues ...