Abstract:

In the ever-evolving world of digital security, protecting our data within computer networks has become paramount. Cryptographic functions are critical in ensuring the confidentiality, integrity, and accessibility of information. However, it's a double-edged sword, as cybercriminals commonly use cryptographic functioons in malicious soAware, such as ransomware. In this paper, we wanted to take a closer look at the possible methods of detecting cryptographic functions within binary files and how that could be used in the early identification of ransomware. Our main purpose was to discover and describe such methods through manual static analysis of ransomware executable files. Carried-out research allowed us to thoroughly explore this problem, find suitable solutions and highlight their advantages and limitations.