Malware Domain List

Malware Related => Malware Analysis => Topic started by: ocean on August 04, 2009, 07:52:01 pm

Title: Win32.Harnig commented IDB
Post by: ocean on August 04, 2009, 07:52:01 pm
That dropper contains only a few antidebug/antitrace, TEA decoder and internal PE loader. Since it's not that difficult to reverse engineer, I only published the IDB containing some comments instead of writing a paper about it.

http://inseclab.netsons.org/2009/08/04/win32-harnig-idb-with-comments/

cheers,
ocean
Title: Re: Win32.Harnig commented IDB
Post by: Evilcry on August 20, 2009, 05:27:12 am
Nice work ocean =)