
Visual Studio (Express, Code, or MSDN-if available) enable MASM as well, VMWare


Question

Tools: Visual Studio (Express, Code, or MSDN if available) with MASM enabled, VMware Workstation, Ubuntu, Windows 10, IDA Pro, OllyDbg.

Complete the following exercises. Except for No. 1, this project must be completed on a virtual machine and screen shots must be provided to substantiate your work.

1. Provide a two-page description of reverse engineering malware. Your description should include responses to questions such as: What is reverse engineering? What is reverse engineering malware? How can malware be reverse engineered? What is a decompiler? What is a disassembler? What is IDA Pro? What is OllyDbg?

2. Write a C/C++ program of your choice. Compile your source code on the following operating systems to obtain machine code: Windows, Ubuntu. Use a C/C++ decompiler to recover the C/C++ source code from the machine language code.

3. Given the machine language code posted on Blackboard under Week 14 titled "Machine Language Code for Project - Exercise 3", complete the following: Reverse engineer the machine code to get assembly code using the following tools: IDA Pro, OllyDbg. Give a line-by-line description of the program.

Explanation / Answer

1

(a)

Reverse engineering is the process of analyzing a subject system to create representations of the system at a higher level of abstraction.

Going backwards through the development cycle:

• Source code deduction

• Architecture discovery

(b)

Reverse engineering of the malware becomes a requirement. Reverse engineering of a malware or an unknown piece of binary file is the process of analyzing and understanding its characteristics and behavior. There are several approaches that several different people use. But in this blog post, the goal is to give a quick little guide for malware reversing so that anyone with an inclination to pick it up can do so very easily.

(d)

A decompiler is a program or utility that converts machine code back into a high-level programming language, allowing it to be read or modified.

(e)

It is software that converts machine language instructions into assembly language instructions. As the term implies, a disassembler performs operations that are the inverse of the operations performed by an assembler.

(f)

The official line is: IDA Pro combines an interactive, programmable, multi-processor disassembler coupled to a local and remote debugger and augmented by a complete plugin programming environment. Quite a mouthful, isn't it? We are aware that the above speaks only to geeks. The "raison d'être" of this small document is to clarify the nature and the purpose of IDA to the non-technical user.

(g)

It is an x86 debugger that emphasizes binary code analysis, which is useful when source code is not available. It traces registers, recognizes procedures, API calls, switches, tables, constants and strings, as well as locating routines from object files and libraries. It has a friendly interface, and its functionality can be extended by third-party plugins.
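As an added illustration of what the disassembler described in (e) actually does (example code added here, not part of the original answer or of any tool named above): a minimal linear-sweep decoder in C that recognizes a handful of x86-32 opcodes and is run over a constructed byte sequence resembling what a 32-bit compiler emits for a `return 42` function. The opcode table and the sample bytes are the only assumptions; IDA Pro and OllyDbg decode the full instruction set and additionally recover procedures, cross-references and strings, which this toy omits.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>

/* Decode the single x86-32 instruction at code[pos] into text.
   Returns its length in bytes, or 0 if the opcode is not in this tiny table. */
static size_t decode_one(const uint8_t *code, size_t len, size_t pos, char *out, size_t outsz) {
    size_t left = len - pos;
    uint8_t op = code[pos];
    if (op == 0x55) { snprintf(out, outsz, "push ebp"); return 1; }
    if (op == 0x5D) { snprintf(out, outsz, "pop ebp");  return 1; }
    if (op == 0xC3) { snprintf(out, outsz, "ret");      return 1; }
    if (op == 0x90) { snprintf(out, outsz, "nop");      return 1; }
    if (op == 0x89 && left >= 2 && code[pos + 1] == 0xE5) {   /* mov r/m32, r32 with ModRM ebp <- esp */
        snprintf(out, outsz, "mov ebp, esp"); return 2;
    }
    if (op == 0x83 && left >= 3 && code[pos + 1] == 0xEC) {   /* sub esp, imm8 (stack frame allocation) */
        snprintf(out, outsz, "sub esp, 0x%x", (unsigned)code[pos + 2]); return 3;
    }
    if (op == 0xB8 && left >= 5) {                             /* mov eax, imm32 (little-endian immediate) */
        uint32_t imm = code[pos + 1] | code[pos + 2] << 8 | code[pos + 3] << 16 | (uint32_t)code[pos + 4] << 24;
        snprintf(out, outsz, "mov eax, 0x%x", (unsigned)imm); return 5;
    }
    return 0;
}

/* Linear sweep: decode instructions back to back from offset 0, the simplest
   strategy a disassembler uses. Fills lines[] and returns the count; stops at
   the first unknown opcode so the caller can see exactly where decoding failed. */
size_t disassemble(const uint8_t *code, size_t len, char lines[][32], size_t max_lines) {
    size_t pos = 0, n = 0;
    while (pos < len && n < max_lines) {
        size_t ilen = decode_one(code, len, pos, lines[n], 32);
        if (ilen == 0) break;
        pos += ilen;
        n++;
    }
    return n;
}

/* Constructed sample (assumption): the bytes a 32-bit compiler typically emits
   for `int f(void) { return 42; }` with a frame pointer. */
const uint8_t SAMPLE[] = { 0x55, 0x89, 0xE5, 0xB8, 0x2A, 0x00, 0x00, 0x00, 0x5D, 0xC3 };
char decoded[16][32];

size_t decode_sample(void) { return disassemble(SAMPLE, sizeof SAMPLE, decoded, 16); }

int main(void) {
    size_t n = decode_sample();
    for (size_t i = 0; i < n; i++) printf("%zu: %s\n", i, decoded[i]);
    return 0;
}
```

Feeding the decoder a byte it does not know (for example 0xFF after the push) makes it stop early, which is the same effect an analyst sees when a real disassembler hits data or an undecodable byte in the middle of a linear sweep.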