Professional Documents
Culture Documents
ARTICLE Forensics
ARTICLE Forensics
ARTICLE Forensics
COM/)
(https://twitt
(http
MOR ON
Information Securit
(https://zeltser.com/information-
securit)
This cheat sheet outlines tips for reversing malicious Windows exe- Malicious Software
cutales via static and dnamic code analsis with the help of a de- (https://zeltser.com/malicious-
ugger and a disassemler. To print it, use the one-page PDF (/me-
software)
pop EAX Remove contents from top of the stack and put
them in AX .
R8 (64 its)
________________________________||||||||||||||||||||||||||||||||
R8 (8 its)
Post-Scriptum
Authored Lenn Zeltser (/) with feedack from Anuj Soni
(https://malwolog.com/). Malicious code analsis and related topics
are covered in the SANS Institute course FOR610: Reverse-ngi-
neering Malware (https://sans.org/for610), which the’ve co-au-
thored. This cheat sheet, version 1.0, is released under the Creative
Commons v3 “Attriution” License (https://creativecommons.org/li-
censes//3.0/).