From 555e1b7d6513db2ede24ad6e4f9061c7f0b1a36c Mon Sep 17 00:00:00 2001 From: mether049 Date: Sat, 15 Feb 2020 18:53:04 +0900 Subject: [PATCH] Update malware-analysis_ref_and_memo.md --- malware-analysis_ref_and_memo.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/malware-analysis_ref_and_memo.md b/malware-analysis_ref_and_memo.md index a34a1f7..ca718cd 100644 --- a/malware-analysis_ref_and_memo.md +++ b/malware-analysis_ref_and_memo.md @@ -240,7 +240,11 @@ to do... ### Decompiler to do... - +### Perspective +- topdown + - コードの先頭から解析 +- bottom-pup + - 表層解析で得たキー情報(Win32API,怪しい文字列,etc.)の周辺から解析 ### ref: - Intel系アーキテクチャSoftware Developer向けのマニュアル
[Intel® 64 and IA-32 Architectures Software Developer Manuals](https://software.intel.com/en-us/articles/intel-sdm)