Avast WEBforum

Other => General Topics => Topic started by: polonus on April 27, 2010, 08:53:54 PM

Title: Decompilation - why we need this?
Post by: polonus on April 27, 2010, 08:53:54 PM: Hi malware fighters,

Good for analysis, decompilation is the reverse of what one does with compilers.
Used for locating malicious code and comprehending malcode programs.
The absence of the full source info is the main problem here
and then obfuscation is the main hindrance to decompilation:
http://en.csharp-online.net/CSharp_FAQ:_How_protect_my_code_against_decompilation

Introduction to this subject:
http://www.program-transformation.org/Transform/DeCompilation
But incomplete without this info:
http://www.hexblog.com/decompilation/
Loads of free tools for ye all: http://www.thefreecountry.com/programming/disassemblers.shtml
good hex viewer: http://sourceforge.net/projects/hexplorer/
enjoy my friends,

pol

P.S. Nice successful example of hex analysis: http://hexblog.com/2010/01/hexrays_against_aurora.html#more

SMF 2.0.18 | SMF © 2015, Simple Machines