« previous next »
Pages: [1]   Go Down

Author Topic: Win32.Harnig commented IDB  (Read 4355 times)

0 Members and 1 Guest are viewing this topic.

August 04, 2009, 07:52:01 pm
Read 4355 times

ocean

  • Special Access
  • Full Member
  • Offline
  • *
  • 49
    • ocean's Inseclab
Win32.Harnig commented IDB
That dropper contains only a few antidebug/antitrace, TEA decoder and internal PE loader. Since it's not that difficult to reverse engineer, I only published the IDB containing some comments instead of writing a paper about it.

http://inseclab.netsons.org/2009/08/04/win32-harnig-idb-with-comments/

cheers,
ocean
Logged
August 20, 2009, 05:27:12 am
Reply #1

Evilcry

  • Special Access
  • Jr. Member
  • Offline
  • *
  • 39
Re: Win32.Harnig commented IDB
Nice work ocean =)
Logged
Deep Root Never Freezes - Tolkien
Pages: [1]   Go Up
« previous next »