"Researchers at SkullSecurity have written a tutorial on how they reverse engineered the Energizer Trojan and generated an Nmap probe to remotely detect infections. The Energizer Trojan is a great educational tool because its inner workings are very simplistic, and it makes minimal efforts to hide itself or conceal its purpose; it even lists what appears to be the author's name — 'liuhong' — in the source! The article provides an introduction to malware analysis, from infecting a test machine to debugging and disassembling the Trojan to writing the actual probe."
0 comments:
Post a Comment