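Abstract
Reverse analysis is one of the common methods of malware analysis, and it plays a role that other methods cannot match in revealing the intent and behavior of malware. This paper summarizes the general patterns found in disassembled malware code, focusing on startup functions, function parameter passing, data structures, control statements and the Windows API, and uses a real case in which malware was used to steal QQ account numbers and passwords to illustrate concrete methods for quickly and accurately locating key information.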
Reverse analysis is the most common method in analyzing malware. The reverse analysis process is an advanced and efficient method that exposes the intention and processes of malware. The focus of this paper was to show the general patterns ascertained using reverse analysis applied to the aspects of start function, parameter transfer of function, data structure, control statement and Windows API. A case study of malware, used to obtain account information, login names, and passwords for the popular Chinese social networking program "QQ", was presented to illustrate how the reverse analysis quickly and accurately locates key information used to determine general patterns.
Source
Journal of Computer Applications (《计算机应用》)
CSCD
Peking University Core Journals (北大核心)
2011, Issue 11, pp. 2975-2978 (4 pages in total)
Journal of Computer Applications
Funding
Ministry of Public Security Applied Innovation Program project (2011YYCXXJXY121)