Polymorphic Analysis

Information Security Asked by user109889 on November 23, 2021

I’m a beginner at malware analysis. For my research studies, I have to identify polymorphic malware based from experiments. I would like to know if there are any guides showing how to analyze the code (assembly language) of polymorphic malware using ollydbg (or other tools) to see where it started to mutate?

One Answer

In the following articles, the decryption key of the decryption loop is mutated:

There's no universal guide to find all these kinds of mutations with OllyDbg or other tools but you could try to find Crypto code where there're lots of arithmetic/logic instructions as a tip to start your mutation digging journey.

Answered by Minh-Triet Pham Tran on November 23, 2021

Add your own answers!

Related Questions

What’s a “safe” URL shortening algorithm?

3  Asked on December 31, 2020 by bensower


Securing internet connection with hostile ISP

1  Asked on December 29, 2020 by user242761


Is Chrome Browser/ Computer compromised by KMSPico?

0  Asked on December 27, 2020 by waterbyte


Web Cache Deception – exploitable without a cache server?

1  Asked on December 26, 2020 by citylight


Determine if private key belongs to certificate?

3  Asked on December 25, 2020 by thanatos


Filtering http responses for subdomain takeover

0  Asked on December 21, 2020 by kirill-z


Sql map Manual Vulnerability Assessment

1  Asked on December 20, 2020 by badddy


Unknown folders in OneDrive

1  Asked on December 19, 2020 by user851


Ask a Question

Get help from others!

© 2023 All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP