Malware Domain List

Malware Related => Malware Analysis => Topic started by: MathewMickle on April 12, 2012, 09:02:21 am

Title: Basic JavaScript Deobfuscation Steps
Post by: MathewMickle on April 12, 2012, 09:02:21 am
I saw SysAdMini wrote the following guidelines at http://www.malwaredomainlist.com/forums/index.php?topic=4003.0
================
General guidelines:
-use "format code" to structure code
-use a second decoder tab to resolve "replace" instructions. you can do this by "eval(some_replace_instruction)". Now code is much more readable.
-transform DOM functions which Malzilla is unable to manage (getElementbyId, document.location.href)
================
 
However, the guidelines is limited to Malzilla.

So does it exist some steps to deobfuscate JavaScript?