Tuesday, May 31, 2011


Need some background in Assembly, and Intel instructions .. biol.

Currently I am using IDA Pro, free version, for the so-called "RE" purpose. This is tedious: some malware detects the debugger, is packed, bla bla. Basically this is already known - for the preprocessing phase, three obstacles need to be overcome: deobfuscation, packed binary, encrypted binary.

I wish I could have the plain ones.. yeah, a lot of them. Then concentrate on the first objective of my research - feature selection.

