Monthly Archives: July 2012

Malware analysis in practise

When you are analysing a malware it is common thing that you have to defeat some layers of obfuscation and anti-debugging. I have decided to describe one part of analyzing interesting sample from past.

Unpacking
A lot of malware samples are encrypted so the first step is find the decrypted part of program. It is possible that there are some anti-debugging tricks. So running in the debugger will cause a crash. Continue reading