Книга: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
Назад: 64-Bit Hints at Malware Functionality
Дальше: Labs

Analyzing 64-bit malware is not much different from analyzing 32-bit malware, because the instructions and concepts are very similar. Malware analysts need to understand how function calling and stack usage are accomplished in order to determine how many parameters and local variables each function has. It’s also important to understand the WOW64 subsystem in case you need to analyze a 32-bit executable that modifies system directories or registry keys used by the OS. Most malware is still 32-bit, but the amount of 64-bit malware continues to grow, and its use will extend even more in the future.

Назад: 64-Bit Hints at Malware Functionality
Дальше: Labs

sss
sss