Disassembling with IDA

Use IDA to disassemble and analyze the binary payload of the Blaster worm.

- [Instructor] IDA is a professional-grade disassembler,…and it's probably the most popular disassembler…in the malware reverse engineering community.…It's also available as a free community addition,…IDA Pro 5, which is not as richly featured…as the commercial version.…The purpose of a disassembler is to reconstruct code…from binary form and display it as assembler coding.…If the executable contains debug information…or an associated debug file can be obtained,…then the disassembler can recover such things as…function and variable names.…

However, malware reverse engineering…rarely offers such luxuries.…Mostly the code can be recovered,…but the meaning has to be drawn out, byte by byte.…Earlier in the course, we recovered the…Blaster worm payload coding.…What we know is the external symptoms.…The code is installed through port 135…using the DCOM exploit.…Then this payload then sets up a command shell…on port 4444.…Let's now take a first look at the payload.…

I've constructed the Blaster payload…into a binary file and loaded it into IDA.…

Resume Transcript Auto-Scroll

Author

Malcolm Shore

Skill Level Intermediate

1h 22m

Duration

18,484

Views

Show More Show Less

Related Courses

Introduction
- Welcome
  1m 45s
- What you should know before watching this course
  1m 7s
- Disclaimer
  59s
1. Malware
- Using reverse engineering to understand code
  4m 22s
- Considering malware in families
  2m 4s
- Automated malware analysis using IRMA
  5m 55s
- Automated malware analysis using VxStream
  11m 8s
- Advanced sandboxing firewalls
  2m 58s
- Unpacking files
  5m 12s
2. Forensics
- Enumerating auto-runs
  4m 20s
- Analyzing network connections
  4m 32s
- Looking at processes
  10m 37s
- Examining PE files
  5m 14s
- Hiding code: A case study
  4m 23s
- Disassembling with IDA
  4m 55s
3. Studying WannaCry
- A first look at WannaCry
  5m 27s
- Peeking into WannaCry
  6m 14s
Conclusion
- What's next
  1m 27s

Show MoreShow Less

Take notes with your new membership!

Type in the entry box, then click Enter to save your note.

1:30Press on any video thumbnail to jump immediately to the timecode shown.

Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.

Start My Free Month

Skills covered in this course

Security IT

Lynda.com is now LinkedIn Learning!

To access Lynda.com courses again, please join LinkedIn Learning

Categories

3D + Animation Topics

3D + Animation Software

3D + Animation Learning Paths

Audio + Music Topics

Audio + Music Software

Audio + Music Learning Paths

Business Topics

Business Software

Business Learning Paths

Business Guides

CAD Topics

CAD Software

CAD Learning Paths

Design Topics

Design Software

Design Learning Paths

Developer Topics

Developer Software

Developer Learning Paths

Education + Elearning Topics

Education + Elearning Software

Education + Elearning Learning Paths

IT Topics

IT Software

IT Learning Paths

Marketing Topics

Marketing Software

Marketing Learning Paths

Photography Topics

Photography Software

Photography Learning Paths

Video Topics

Video Software

Video Learning Paths

Web Topics

Web Software

Web Learning Paths

Web Guides

Disassembling with IDA

Author

Skill Level Intermediate

Duration

Views

Related Courses

Ethical Hacking: Exploits

Ethical Hacking: Penetration Testing

Learning Ransomware Countermeasures

Introduction

1. Malware

2. Forensics

3. Studying WannaCry

Conclusion

Take notes with your new membership!

Skills covered in this course

Continue Assessment

Start My Free Month