Chapter 12. Practical Reverse Engineering of a Windows Executable
Reverse engineering is very common when dealing with malware analysis. In this chapter, we will look at an executable program and determine its actual behavioral flow using the tools we have learned so far. We will head straight from static analysis to dynamic analysis. This will require that we have our lab set up ready so that it will be easier to follow through.
The target file that will be analyzed in this chapter has behaviors that were seen in actual malware. Regardless of a file being malware or not, we have to handle every file we analyze carefully in an enclosed environment. Let's get started on performing some reversing.
We will cover the following topics in this chapter:
- Practical static analysis
- Practical dynamic analysis