Awesome
Fix stomped imports
Author: Rob Bone (LRQA Nettitude)
Fix stomped imports
Description:
Recover the imports from a stomped PE header by pasting in an IAT dump from dynamic analysis.
Simply copy the IAT during dynamic analysis using e.g. x64dbg and paste it into the plugin dialog.
See the blog post for more details: https://labs.nettitude.com/blog/binary-ninja-plugin-fix-stomped-imports
Live malware example sample: acf361296c9e1cf5b4ceff11e1790c57e6e1d753df9bef087aadad256dc5a123
Minimum Version
5529
License
This plugin is released under an MIT license.
Metadata Version
2