Skip to main content

Debugging Tricks for Unpacking Malware

  • Chapter
  • First Online:
Malware Analysis and Detection Engineering
  • 2266 Accesses

Abstract

In Chapter 7, we spoke about packers and how malware author uses them to hide his real malware payload by obfuscating it and generating a new packed malware executable/binary that contains within the original malware payload but now in obfuscated form. This packed binary is created by passing a malicious payload to a packer program. We also saw that static string analysis of packed samples barely gives you anything meaningful that we can connect to any malicious behavior to classify the sample as malicious.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

eBook
USD 16.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 89.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Author information

Authors and Affiliations

Authors

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Abhijit Mohanta, Anoop Saldanha

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Mohanta, A., Saldanha, A. (2020). Debugging Tricks for Unpacking Malware. In: Malware Analysis and Detection Engineering. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-6193-4_17

Download citation

Publish with us

Policies and ethics