Using Generative AI to Understand How an Obfuscated Script Works
Posted by David Brunsdon | March 28 2024
Tackling Code Obfuscation

When facing a new technical challenge, I'm someone who often feels "in over my head." I tackle that feeling through research and preparation. Today I'm delving into code obfuscation, a frequent challenge in malware analysis, and I'll demonstrate how a solo intelligence analyst can work through such a challenge using generative AI.

In the context of Windows, batch files are scripts that can automate the placement, execution, and deletion of malware. To conceal these capabilities, attackers apply obfuscation. There are numerous methods of hiding code, and they make it difficult for both humans and machines to understand what a script does.

A particular tool recently caught my attention because of the perplexing nature of its output. That signals there's more for me to learn, so let's dive in.

The obfuscator: https://github.com/BiggerDABOSS/BatchObfuscator

When I run my benign script through BatchObfuscator, it transforms from readable to unreadable.

(image: original
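To make "readable to unreadable" concrete, here is a worked example of two widespread cmd.exe obfuscation tricks and of the analysis step that undoes them. It is added here and is not code from the post, and it is not BatchObfuscator's method (the post does not describe which transforms that tool uses). Trick one is caret insertion: `ec^ho` runs as `echo` because `^` escapes the next character outside double quotes. Trick two is substring indirection: after `set a=abcdefghijklmnopqrstuvwxyz`, the reference `%a:~4,1%` expands to `e`, so a command can be spelled out letter by letter from a lookup table. The lookup variable name `a`, the alphabet table, the fixed cycle that decides which letters are transformed, and the benign drop/run/delete sample script are all assumptions made for this example.

```python
"""Toy batch obfuscator and deobfuscator: caret insertion and %VAR:~start,len% indirection.

Added example, not BatchObfuscator's code. KEY, ALPHABET, the transform cycle and the
sample script are assumptions chosen for illustration.
"""
import re

ALPHABET = "abcdefghijklmnopqrstuvwxyz"
KEY = "a"  # hypothetical name of the lookup-table variable written by the obfuscator

# Constructed benign sample that mirrors the place / execute / delete pattern in the post.
ORIGINAL = "\n".join([
    "@echo off",
    "echo Stage one: drop the file",
    'copy "C:\\Users\\Public\\note.txt" "%TEMP%\\note.txt"',
    'start "" "%TEMP%\\note.txt"',
    'del "%TEMP%\\note.txt"',
])

SET_RE = re.compile(r"^\s*set\s+(\w+)=(.*)$", re.IGNORECASE)
SUB_RE = re.compile(r"%(\w+):~(-?\d+)(?:,(-?\d+))?%")


def cmd_substring(value, start, length):
    """Emulate cmd.exe %VAR:~start,length% slicing (negative values count from the end)."""
    if length is None:
        return value[start:]
    if length < 0:
        return value[start:length]
    if start < 0 and start + length >= 0:  # e.g. %v:~-1,1%: last char up to the end
        return value[start:]
    return value[start:start + length]


def expand_substrings(line, env, used=None):
    """Replace every %NAME:~s,l% whose NAME is known in env; unknown names are left alone."""
    def repl(m):
        name = m.group(1).lower()
        if name not in env:
            return m.group(0)
        if used is not None:
            used.add(name)
        length = m.group(3)
        return cmd_substring(env[name], int(m.group(2)), None if length is None else int(length))
    return SUB_RE.sub(repl, line)


def strip_carets(line):
    """Remove escape carets outside double quotes, keeping the escaped character (^^ -> ^)."""
    out, in_quote, i = [], False, 0
    while i < len(line):
        ch = line[i]
        if ch == '"':
            in_quote = not in_quote
            out.append(ch)
        elif ch == "^" and not in_quote and i + 1 < len(line):
            out.append(line[i + 1])  # a trailing caret (line continuation) is left as-is
            i += 1
        else:
            out.append(ch)
        i += 1
    return "".join(out)


def obfuscate(script):
    """Prepend the lookup table, then rewrite lowercase letters outside quotes and %...% blocks.

    Deterministic cycle per line: letter 0 kept, letter 1 caret-escaped (when it follows an
    alphanumeric), letter 2 replaced by a %KEY:~index,1% reference, then repeat.
    """
    out = [f"set {KEY}={ALPHABET}"]
    for line in script.splitlines():
        if not line.strip() or line.lstrip().startswith(":"):  # blank lines and labels untouched
            out.append(line)
            continue
        buf, in_quote, in_pct, k = [], False, False, 0
        for ch in line:
            if ch == '"':
                in_quote = not in_quote
            elif ch == "%" and not in_quote:
                in_pct = not in_pct
            elif ch in ALPHABET and not in_quote and not in_pct:
                mode, k = k % 3, k + 1
                if mode == 2:
                    buf.append(f"%{KEY}:~{ALPHABET.index(ch)},1%")
                    continue
                if mode == 1 and buf and buf[-1][-1].isalnum():
                    buf.append("^")
            buf.append(ch)
        out.append("".join(buf))
    return "\n".join(out)


def deobfuscate(script):
    """Resolve substring references from the script's own set lines, then drop carets."""
    lines = script.splitlines()
    env = {m.group(1).lower(): m.group(2) for m in map(SET_RE.match, lines) if m}
    used, expanded = set(), []
    for line in lines:
        for _ in range(5):  # references inside references resolve in a few rounds
            new = expand_substrings(line, env, used)
            if new == line:
                break
            line = new
        expanded.append(line)
    result = []
    for line in expanded:
        m = SET_RE.match(line)
        if m and m.group(1).lower() in used:
            continue  # heuristic: a set line consumed only as a lookup table is the obfuscator's
        result.append(strip_carets(line))
    return "\n".join(result)


if __name__ == "__main__":
    obf = obfuscate(ORIGINAL)
    print(obf)
    print("--- recovered ---")
    print(deobfuscate(obf))
```

Running the script prints the obfuscated form (every command name is split into escaped letters and `%a:~n,1%` lookups) followed by the recovered original. The deobfuscator deliberately does only what cmd.exe does at parse time, in the same order: percent expansion first, caret removal second. It does not handle delayed expansion (`!var!`), `%%` literals, or carets used as line continuations, which is exactly the kind of gap an analyst has to notice when an AI-assisted explanation of a script looks plausible but the recovered commands still do not run.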