ELF Archives - Intezer

Teaching Capa New Tricks: Analyzing Capabilities in PE and ELF Files

When analyzing malware, one of the goals in addition to identifying what malware it is, is to understand what it does when...

ELF Malware Analysis 101: Linux Threats No Longer an Afterthought

Introduction Linux has a large presence in the operating systems market because it’s open-sourced, free, and software development oriented—meaning its rich ecosystem...

Executable and Linkable Format 101 Part 4: Dynamic Linking

This is a new post in our Executable and Linkable Format (ELF) 101 series, where the goal is to spread awareness about the...

Muhstik Botnet Reloaded: New Variants Targeting phpMyAdmin Servers

The Muhstik botnet was first exposed by Netlab360 researchers in May 2018. This botnet targeted mainly GPON routers. At Intezer we found that Muhstik is extending its spectrum...

Intezer Analyze™ ELF Support Release: Hakai Variant Case Study

ELF SUPPORT We would like to proudly announce that Intezer Analyze™ now supports genetic malware analysis for ELF binaries! You may now...

Executable and Linkable Format 101 Part 3: Relocations

In our previous post, we went through the concept of symbols and their functionality. In this post we will introduce the concept...

Executable and Linkable Format 101. Part 2: Symbols

In our previous post, we focused on understanding the relationship between sections and segments, which serve as the foundation for understanding the...

Executable and Linkable Format 101 - Part 1 Sections and Segments

Introduction This marks the first of several blog posts that will focus on Executable and Linkable Format (ELF) files. In this series,...