Malware/How to detect an executable's nature?

From CSRRT-LU

An executable can be

straightforward in other words it contains the instructions that are executed
compressed, the executable is decompressed at start time and finally the decompressed code is executed
encrypted, the code is decrypted and finally executed.

Some conclusion on the code's nature can been drawn regarding

The executable can be examined as a whole or only some sections.

Retrieved from "http://www.csrrt.org/wiki/index.php/Malware/How_to_detect_an_executable%27s_nature%3F"

Views

Personal tools

Navigation

Search

Toolbox