All Questions
Tagged with executable static-analysis
6 questions
0 votes, 0 answers, 53 views
static analysis for identifying backdoors
I am doing research on identifying backdoors in Windows .exe files. Currently I have found some methods to detect them.
1. String search in .exe
2. Find referenced .dll and Win32 API calls using the import table
...
8 votes, 1 answer, 416 views
How to detect internal and shared libraries used in an executable file?
Problem: We want to be able to tell with some certainty that specific versions of internal libraries are being used by a program. For example, if a software uses old, deprecated libraries internally. ...
1 vote, 2 answers, 533 views
How to find compressed or encrypted parts in a packed executable?
I want to analyze an executable that went through a packer to look for the parts that have been compressed or encrypted. Of course, it also means that I want to find the code for the decompression or ...
1 vote, 2 answers, 980 views
identify packer compression or encryption algorithm
I have a packed executable file.
I want to detect the compression or encryption algorithm in dynamic and static ways separately; of course, without a signature-based way.
How can I detect compression or ...
56 votes, 7 answers, 161k views
How to know in which language/technology program (.exe) is written?
How to understand if an exe/dll is written in C++/.NET/Java or in any other language? I tried to use Dependency Walker but was not able to get the required information.
9 votes, 1 answer, 581 views
Loading Windows executable - unexpected data appended at beginning sections after loading in memory
A few days after asking the question I realised I misinterpreted my original findings. It seems the .rdata section on file is copied directly to memory, but then the first 36 bytes are overwritten by the loader ...