Tuesday, September 17, 2013

How do you eat an elephant?

One bite at a time.

I need to step up my Reverse Engineering game so I'm going to try a full coverage analysis of a malware sample a friend of mine sent me.  He actually sent me a bunch of samples, and this is the runt of the litter.  It's also a little dated; the C2 for this sample is already dead and the domains show up on AV sites when googled.  However, this will still be good practice.

That said, 191 functions when opened in IDA.  103 of those are unnamed, so they're the target.  Hopin' to get through it all in (at most) a month.




Let's dance.
