Posts Written ByJason Reaves

Jason Reaves

Jason Reaves is a Principal Threat Researcher at SentinelLabs who specializes in malware reverse-engineering. He has spent the majority of his career tracking threats in the Crimeware domain, including reverse-engineering data structures and algorithms found in malware in order to create automated frameworks for harvesting configuration and botnet data. Previously, he worked as a software developer and unix administrator in the financial industry and also spent six years in the U.S. Army. Jason holds multiple certifications related to reverse-engineering and application exploitation and has published numerous papers on topics such as writing malware scripts pretending to be a bot, unpackers, configuration data harvesters and covert channel utilities. He enjoys long walks in IDA and staring at RFCs for hours.

Advanced Persistent Threat

Breaking TA505’s Crypter with an SMT Solver

TA505 threat group use a crypter common to Clop/CryptoMix ransomware and others. We tear it down with a new unpacker utilizing SMT

Crimeware

Revealing the Trick | A Deep Dive into TrickLoader Obfuscation

TrickBot’s loader has received much less attention than other components of the malware. Jason Reaves shows how to reverse engineer the TrickLoader function

0 / 45

Posts Written ByJason Reaves

Jason Reaves

Detecting macOS.GMERA Malware Through Behavioral Inspection

RIG Exploit Kit Chain Internals