Nytro Posted April 18, 2011

Reverse Code Engineering: An In-Depth Analysis of the Bagle Virus
Author: Konstantin Rozinov

1. INTRODUCTION
2. BASIC X86 CONCEPTS
   2.1. REGISTERS
   2.2. ASSEMBLY
   2.3. RUNTIME DATA STRUCTURES
   2.4. THE STACK
3. VIRUS OVERVIEW
   3.1. VIRUS HISTORY
   3.2. VIRUS TYPES
4. BAGLE VIRUS DISASSEMBLY
   4.1. OVERVIEW
   4.2. ANALYSIS RESOURCES
   4.3. DISASSEMBLY APPROACH
   4.4. ANALYSIS PROBLEMS AND SOLUTIONS
   4.5. FUNCTIONAL FLOW
5. CONCLUSIONS
APPENDIX A: DETAILED DISASSEMBLY OF BAGLE VIRUS
APPENDIX B: SOURCE CODE LISTING OF BAGLE VIRUS

Download: http://www.binary-auditing.com/downloads/011%20-%20malware%20analysis/3%20Bagle%20A%20Virus/bagle_analysis_v.1.0.pdf

N008Cy807 Posted April 18, 2011

Thanks, Nytro. And if you'll allow me a recommendation, I think it would be a good idea to also post this link in the tutorials section: Index of /downloads

It contains:
001 - c++ fundamentals/
002 - assembly language fundamentals/
003.01 - hll mapping/
003.02 - hll mapping/
004 - manual decompilation/
005 - algorithm analysis/
006 - crash analysis/
007 - file understanding/
008 - copy protection analysis/
009 - unpacking/
010 - vulnerability analysis/
011 - malware analysis/

My congratulations on the link.