June 2018
Beginner
510 pages
13h 7m
English
Content preview from Learning Malware Analysis
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
1.3.4 Program Disassembly (From Machine code To Assembly code)
As you would expect, machine code contains information about the inner workings of the program. For example, in our program, the machine code included the instructions to print on the screen, but it would be painful for a human to try to understand the machine code (which is stored as a sequence of bytes).
A disassembler/debugger (like IDA Pro or x64dbg) is a program that translates machine code into a low-level code called assembly code (assembly language program), which can be read and analyzed to determine the workings of a program. The following screenshot shows the machine code (a sequence of bytes in the .text section) translated into the assembly instructions representing ...