Unicorn Just Got Real: IDB File

Unicorn Just Got Real: IDB File

NSS Labs is providing an IDA DB to researchers interested in performing further analysis of the malware discussed in our blog post, Unicorn Just Got Real. Note that this is not a completely reversed version. We focused on the most important aspects of the malware and provided comments for better understanding. Decompilation should be available inside the IDB as well with the recovered data structure. Some parts of the IDB have not been commented on and were left purely for the reader’s and researcher’s interest.

As with all NSS Labs group tests, there was no fee for participation. All testing was conducted independently and was not paid for by any vendor.