Title: Unpacking Techniques and Tools in Malware Analysis
Abstract: Nowadays most of malware samples are packed with runtime packers to complicate the task of reverse engineering and security analysis in order to evade detection of signature-based anti-virus engines. In the overall process of malware analysis, unpacking a packed malicious binary effectively is a necessary preliminary to extract the structure features from the binary for generation of its signature, and therefore several unpacking techniques have been proposed so far that attempt to deal with the packer problem. This brief survey article provides an overview of the currently published prevalent unpacking techniques and tools. It covers the operation process of packing and unpacking, packer detection methods, heuristic policies for spotting original entry point (OEP), environments for runtime unpacking, anti-unpacking techniques, and introduces several typical tools for unpacking.
Publication Year: 2012
Publication Date: 2012-09-01
Language: en
Type: article
Indexed In: ['crossref']
Access and Citation
Cited By Count: 4
AI Researcher Chatbot
Get quick answers to your questions about the article from our AI researcher chatbot