URL details: practicalmalwareanalysis.com/colorida-idc-2/
URL title:
ColorIDA.IDC | Running the Gauntlet
URL description:
#include <idc.idc> static main(void) { auto currentEA; auto currentMnem; auto prevMnem; auto currentOp; prevMnem = ""; currentOp; currentEA = FirstSeg(); currentEA = NextHead(currentEA, 0xFFFFFFFF); while (currentEA != BADADDR) { currentMnem = GetMnem(currentEA); //Highlight call functions if (currentMnem == "call") SetColor(currentEA, CIC_ITEM, 0xc7c7ff); //Non-zeroing XORs are often signs of data encoding if (currentMnem == "xor") {…
URL last crawled:
2022-05-17
We found no external links pointing to this url.