JGE, JL instructions and the usage of the API Monitor (Assembly basics Pt. 4) - Malware analysis

Published: 16 May 2025
on channel: Duckademy IT courses

In this malware analysis tutorial you will learn how to look for junctions using API Monitor. Based on what we find, we will change the JGE instruction to JL in 4 different debuggers (OllyDbg 2.01, OllyDbg 1.1, Immunity Debugger, WinDbg), both manually and in an automated way.
DOWNLOAD the virtual machine from Duckademy: http://www.duckademy.com/downloads

This video is the 5th tutorial of the Malware analysis course at Duckademy.
The 1st and the 2nd tutorials and the virtual machine are also available:
Setting up the environment for Malware analysis
JE, JZ, JNE, JNZ instructions (Assembly basics Part 1)


This malware analysis tutorial will cover:
01:03 Finding the junction in the sample application with API Monitor
06:40 Manual patching in OllyDbg 2.01
09:30 Manual patching in OllyDbg 1.1
11:22 Automating the patching in OllyDbg 1.1 with OllyScript
15:05 Manual patching in Immunity Debugger
16:37 Automating the patching in Immunity Debugger
24:20 Manual patching in WinDbg
31:08 Automating the patching in WinDbg


Please note that this malware analysis tutorial is for educational purposes only.

