Videos Tools Areas of Research WhitePapers Our Open Source Projects Blogs Contact Us 1960
Over the years I have invested heavily in product R&D building a wide assortment of new skills, and fostering a diverse background and understanding.

These are some of the papers I have developed along my journey that I make freely available to help others along.


Sandsprite Papers
VB6 P-Code / Reversing
Reverse Engineering / Binary Analysis
Visual Basic 6
  • Binary Reuse of VB6 PCode Functions - Avast 2021


    One of my favorite things is binary re-engineering, specifically reusing code from malware as part of my solution to solving it. For this installment we are going to look at how to rip functions from a vb6 pcode executable and call them from our own C loader.

    This 10 page paper includes samples and a custom utility to generate the necessary embedding data

    This is part of what came out of an 8 month long research project into the vb6 file format and pcode instruction set.

    This paper has been published on the Avast Decoded blog. (local pdf, code)
 '
© 2021 Sandsprite.com