Steganography Analysis With pngdump.py

SUMMARY :

This article discusses the analysis of a PNG file containing hidden malicious content using the pngdump.py tool. The image, 31744 pixels wide and 1 pixel high, was found to have a PE file embedded in its pixel data. The author demonstrates how to extract the hidden file using various Python tools and techniques, including slicing the raw pixel data to isolate the second channel where the malware was concealed. The extracted PE file, identified as a .NET executable, had 49 detections on VirusTotal, while the original PNG file had none, showcasing the effectiveness of this steganography technique in evading detection.

OPENCTI LABELS :

malware,steganography,python,png,data extraction,file analysis,pe file,pngdump


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Steganography Analysis With pngdump.py