Malware Unicorn

twitter: @malwareunicorn
Company: Endgame, Inc.

Section 3: Reverse Engineering (RE) Tools

Information Gathering

Helpful Websites

Tools Used in the Workshop

Disassembler: IdaFree

Action                     Command
Jump to xref to operand    X
Jump to address            G
Enter comment              Shift+;

Debugger: x64dbg

Common Commands

Action                     Command
Enter comment              ;
Breakpoint                 F2
Step into                  F7
Step over                  F8
Run                        F9
Edit instruction           Space

Keyboard Layout for IdaFree and x64dbg

Information Gathering: CFF Explorer

Information Gathering: Sysinternals Suite
