Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore wide character strings and their connection to import tables in this 10-minute malware analysis tutorial. Learn to move beyond simple ASCII analysis by compiling and investigating the _w version of a downloader to observe how strings change in binary format. Discover the utility of FLOSS for identifying both ASCII and UTF-16 strings during accurate triage processes. Master the use of dumpbin to extract lists of external libraries and functions required by programs. Develop skills in differentiating between developer-written code and standard compiler noise by understanding why common imports like IsDebuggerPresent might be added by a compiler's runtime rather than the malware author. Gain essential knowledge for distinguishing between intentional malicious code and standard compilation artifacts in reverse engineering and cybersecurity analysis.
