what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

FireEye FX / AX / NX / EX Analysis Bypass

FireEye FX / AX / NX / EX Analysis Bypass
Posted Feb 16, 2016
Authored by Moritz Jodeit | Site bluefrostsecurity.de

FireEye FX, AX, NX, and EX products suffer from an analysis bypass vulnerability.

tags | advisory, bypass
SHA-256 | 449aafd21ac2669413a7bfe12b72b0a0409a12dace2cd2b57d2a5622aa29d505

FireEye FX / AX / NX / EX Analysis Bypass

Change Mirror Download
________________________________________________________________________________

Vendor: FireEye, https://www.fireeye.com
Affected Product: FireEye FX, AX, NX, EX
Affected Version: FX < 7.5.1, AX < 7.7.0, NX < 7.6.1, EX < 7.6.2
Severity: High
Title: Detection Evasion and Whitelisting of Arbitrary Malware
________________________________________________________________________________

An analysis engine evasion was identified which allows an attacker to
completely bypass FireEye's virtualization-based dynamic analysis on Windows
and add arbitrary binaries to the internal white list of binaries for which
the analysis will be skipped until the white list entry is wiped after a day.

This effectively allows an attacker to simply whitelist a binary before using
it in a targeted attack without fear of detection.

FireEye has released software updates to address the issue. The full advisory
with technical details is available at the following link:

https://labs.bluefrostsecurity.de/advisories/bfs-sa-2016-001/
________________________________________________________________________________
Login or Register to add favorites

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close