Basics for Malware Reversing


WeKnow
March 4th, 2013, 18:04
Hi folks,

I want to improve my knowledge of Malware Reversing and have started reading about it. I wanted suggestions about a few key topics for reversing malware:

1. Understanding and identifying Code Injection through debuggers - I have gone through the basic ways in which malware injects code but have not been able to see it step by step in Olly
2. Breaking in Olly when the malware communicates with the C&C over the network
3. Identifying decryption routines used by malware and viewing the decrypted content in the debugger

I have started reading the basics from a few sources like the "Reverse Engineering book by Eldad Eilam" and "Lena's Tutorials". It would be great to get any pointers on how I can perform these tasks in debuggers.

Thanks

Kayaker
March 4th, 2013, 21:48
Hi

Here are a couple of other resources you might want to refer to, if you haven't already seen them, which may shed light on your specific questions.

http://www.opensecuritytraining.info/Training.html
http://fumalwareanalysis.blogspot.ca/p/malware-analysis-tutorials-reverse.html

Hopefully others will have additional suggestions.

WeKnow
March 19th, 2013, 11:46
Very useful links, thanks a lot.