Nytro

An In-Depth Analysis of the Bagle Virus

Reverse Code Engineering: An In-Depth Analysis of the Bagle Virus

Author: Konstantin Rozinov

Table of contents (page numbers refer to the PDF):

1. Introduction (p. 3)
2. Basic x86 Concepts (p. 3)
  2.1. Registers (p. 4)
  2.2. Assembly (p. 5)
  2.3. Runtime Data Structures (p. 7)
  2.4. The Stack (p. 9)
3. Virus Overview (p. 12)
  3.1. Virus History (p. 12)
  3.2. Virus Types (p. 12)
4. Bagle Virus Disassembly (p. 13)
  4.1. Overview (p. 13)
  4.2. Analysis Resources (p. 14)
  4.3. Disassembly Approach (p. 16)
  4.4. Analysis Problems and Solutions (p. 19)
  4.5. Functional Flow (p. 22)
5. Conclusions (p. 26)
Appendix A: Detailed Disassembly of Bagle Virus (p. 29)
Appendix B: Source Code Listing of Bagle Virus (p. 72)

Download:

http://www.binary-auditing.com/downloads/011%20-%20malware%20analysis/3%20Bagle%20A%20Virus/bagle_analysis_v.1.0.pdf


Thanks Nytro. And if you'll allow me a recommendation, I think it would be a good idea to also post this link in the tutorials section: Index of /downloads

It contains:

001 - c++ fundamentals/
002 - assembly language fundamentals/
003.01 - hll mapping/
003.02 - hll mapping/
004 - manual decompilation/
005 - algorithm analysis/
006 - crash analysis/
007 - file understanding/
008 - copy protection analysis/
009 - unpacking/
010 - vulnerability analysis/
011 - malware analysis/

My congratulations on the link.
