Reverse Engineering C++ Malware With IDA Pro
Update: 2019-06-03
Description
This tutorial covers the basics needed to get started with reverse engineering C++ malware. We cover classes, constructors, structs, and a few tricks to help speed up your analysis with IDA. We have a short blog post here: https://oalabs.openanalysis.net/2019/06/03/reverse-engineering-c-with-ida-pro-classes-constructors-and-structs/
The compiled example we analyzed is available on MalShare here:
https://malshare.com/sample.php?action=detail&hash=4bd19107be0e1fda595e009a6c787f86
You can download the freeware version of IDA here (sorry, no decompiler): https://www.hex-rays.com/products/ida/support/download_freeware.shtml
If you want to try Ghidra, there is an excellent online tutorial website you can check out here: https://ghidra.re/online-courses/
Ghidra download: https://ghidra-sre.org/
Feedback, questions, and suggestions are always welcome : )
Sergei https://twitter.com/herrcore
Sean https://twitter.com/seanmw
As always, check out our tools, tutorials, and more content over at https://www.openanalysis.net
#ReverseEngineering #cpp #structs #IDAPro