In Part 1 of our tutorial on macOS malware reverse engineering skills, we discovered a suspicious file containing encrypted code. Let’s continue our investigation of the malware sample in our isolated VM. It’s time to introduce static analysis techniques and the Mach-O binary format.

Let’s run file on it and see what it says. The file utility tells us that this is a Mach-O binary.

We’ll keep the theory down to the minimum as this is a practical, hands-on tutorial, but we do need to cover the basics of what this means. If you’ve come from a Windows or Linux background, you’ll perhaps be familiar with their basic file types, PE and ELF.
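As an added illustration (not code from the original tutorial), the sketch below shows the kind of magic-number check that lets a tool like file tell a Mach-O binary apart from PE and ELF. The sample headers are constructed, and the under-20 architecture count used to separate universal binaries from Java class files is a heuristic assumed for this example.

```python
import struct

# Magic values from <mach-o/loader.h>, keyed by the first four bytes on disk.
# The second tuple field is the struct byte order for the rest of the header.
MACHO_MAGICS = {
    b"\xfe\xed\xfa\xce": ("Mach-O 32-bit", ">"),
    b"\xce\xfa\xed\xfe": ("Mach-O 32-bit", "<"),
    b"\xfe\xed\xfa\xcf": ("Mach-O 64-bit", ">"),
    b"\xcf\xfa\xed\xfe": ("Mach-O 64-bit", "<"),
}
FAT_MAGIC = b"\xca\xfe\xba\xbe"  # universal binary; fat header is big-endian
CPU_TYPES = {7: "i386", 0x01000007: "x86_64", 12: "arm", 0x0100000C: "arm64"}
FILE_TYPES = {1: "object", 2: "executable", 6: "dylib", 8: "bundle"}


def identify(data: bytes) -> str:
    """Classify a file from its leading bytes using magic numbers."""
    magic = data[:4]
    if magic in MACHO_MAGICS and len(data) >= 16:
        bits, endian = MACHO_MAGICS[magic]
        # mach_header layout: magic, cputype, cpusubtype, filetype (4 bytes each)
        cputype, _subtype, filetype = struct.unpack_from(endian + "III", data, 4)
        cpu = CPU_TYPES.get(cputype, f"cpu 0x{cputype:x}")
        kind = FILE_TYPES.get(filetype, f"filetype {filetype}")
        return f"{bits} {cpu} {kind}"
    if magic == FAT_MAGIC and len(data) >= 8:
        (count,) = struct.unpack_from(">I", data, 4)
        # 0xcafebabe is also the Java class magic; there this field holds the
        # class file version (45 or higher), so a small value means a fat header.
        if count < 20:  # assumed threshold for this example
            return f"Mach-O universal binary with {count} architectures"
        return "Java class data"
    if magic == b"\x7fELF":
        return "ELF"
    if data[:2] == b"MZ":
        return "PE/DOS (MZ)"
    return "unknown"


# Constructed sample headers (not taken from the malware sample in the tutorial).
SAMPLE_X86_64_EXEC = struct.pack("<IIII", 0xFEEDFACF, 0x01000007, 3, 2)
SAMPLE_FAT = struct.pack(">II", 0xCAFEBABE, 2)
SAMPLE_JAVA = b"\xca\xfe\xba\xbe" + struct.pack(">HH", 0, 52)

if __name__ == "__main__":
    for name, blob in [("thin", SAMPLE_X86_64_EXEC), ("fat", SAMPLE_FAT),
                       ("java", SAMPLE_JAVA), ("elf", b"\x7fELF" + b"\x00" * 12)]:
        print(f"{name}: {identify(blob)}")
```

To check a real file, pass its first 16 bytes to identify(); only the header is read, so nothing in the sample is executed.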