Testing Demonstration

This video gives a brief, worked example of reverse engineering a packed malware executable with IDA Pro and WinDbg. First, we use IDA Pro to statically identify the memory region the unpacker allocates and later transfers execution to. Then we run the sample under WinDbg and step through the unpacking routine, placing breakpoints along the way so that we can stop once the payload has been written to memory, capture the unpacked code, and dump it to disk for further examination in IDA Pro. The final result is a visual representation, in IDA Pro, of the malicious actions the sample would perform during its initial installation on an infected machine.
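The WinDbg side of that procedure, written out as an added example (these are not commands taken from the video or the project): a conditional breakpoint on VirtualAlloc stops only on allocations the unpacker asks to make executable, a hardware execution breakpoint stops when control first reaches the new region, and .writemem saves the region to disk. It assumes a 64-bit sample (register arguments); the dump path C:\dump\unpacked.bin and the pseudo-register choices are arbitrary.

```windbg
$$ Constructed example: trapping and dumping an unpacker's output in WinDbg.
$$ Assumes a 64-bit target. On x86 the four VirtualAlloc arguments are on the
$$ stack (dd @esp L5 at the entry breakpoint) and the return value is in eax.
$$ PAGE_EXECUTE_READWRITE is 0x40; gc resumes from a conditional breakpoint.

$$ 1. Stop only on allocations requested as RWX (r9 = flProtect on x64).
$$    If this breakpoint never fires, kernel32 may only forward on this OS;
$$    try kernelbase!VirtualAlloc instead.
bp kernel32!VirtualAlloc ".if (@r9 == 0x40) { .printf \"RWX alloc of %x bytes\\n\", @rdx; k } .else { gc }"
g

$$ 2. Check that the stack (k) shows a caller inside the sample rather than the
$$    CRT or loader, remember the requested size, then run back to the caller:
$$    rax now holds the base of the new region.
r $t1 = @rdx
gu
r $t0 = @rax
!address @$t0

$$ 3. Break when the first instruction in the region executes. An unpacker that
$$    jumps to an offset inside the region (for example the entry point of a
$$    full PE image written there) will not hit this; in that case break on the
$$    tail jump located in IDA and step into it with t.
ba e1 @$t0
g

$$ 4. Execution has reached the unpacked code: inspect it and dump the region
$$    (the dump directory must already exist).
db @$t0 L10
u @rip L20
.writemem C:\dump\unpacked.bin @$t0 L?@$t1
```

If the region holds a complete PE image, the dump is laid out as it was in memory, so section raw offsets in its headers will not match file offsets; either load it in IDA as a raw binary at the region's base address or correct the section table before analysis.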

We hope you find this video informative and useful as a quick look at the capabilities of the two tools we selected for this Capstone Project.