Followers 0

Tracing C function "fopen" [Part1] - IDA Free User-Mode Walk-Through tracing to NTApi

By Nytro, April 15, 2021 in Tutoriale video

Reply to this topic
Start new topic

Recommended Posts

Nytro

Posted April 15, 2021

- Report

Posted April 15, 2021

in. We will be tracing the execution flow of fopen C function through User-Mode to the ntdll.dll-NtCreateFile where it ends in the part of User-Mode. Sample fopen.exe to download available here: https://github.com/Dump-GUY/Malware-a...

Quote

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

× Pasted as rich text. Paste as plain text instead

Only 75 emoji are allowed.

× Your link has been automatically embedded. Display as a link instead

× Your previous content has been restored. Clear editor

× You cannot paste images directly. Upload or insert images from URL.

Insert image from URL

Desktop
Tablet
Phone

Followers 0

Go to topic listing

Sign In

Tracing C function "fopen" [Part1] - IDA Free User-Mode Walk-Through tracing to NTApi

Recommended Posts

Nytro

Join the conversation

Browse

Activity

Pages