aljaz/securedorg.github.io
1
0
Fork 0
mirror of https://github.com/aljazceru/securedorg.github.io.git synced 2025-12-19 07:04:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update re102_section4.md

Browse Source
This commit is contained in:
SECURED.ORG
2017-08-10 22:50:57 -07:00
committed by GitHub
parent 2453e1959d
commit 97b2164241
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
RE102/re102_section4.md
View File

@@ -60,7 +60,7 @@ Cryptographic algorithms are often grouped into two major categories: symmetric
![alt text](https://securedorg.github.io/RE102/images/Section4_cipher.png "Section4_cipher")
For every subkey K in this algorithm, it has to loop through each K to XOR and Swap. In the disassembly you will be able to see this looping, incrementing, and swapping action going on. Now lets look at sub_45B5AC.
For every subkey K in this algorithm, it has to loop through each K to XOR and Swap. In the disassembly you will be able to see this looping, incrementing, and swapping action going on. Now lets look at `sub_45B5AC`.
![alt text](https://securedorg.github.io/RE102/images/Section4_looping.png "Section4_looping")
@@ -84,4 +84,4 @@ In the beginning of this section, it mentioned you need to be suspicious of NOP
The next subsection will go over identifying which cryptographic algorithm this malware is using.
[Section 3.2 <- Back](https://securedorg.github.io/RE102/section3.2) | [Next -> Section 4.1](https://securedorg.github.io/RE102/section4.1)
[Section 3.2 <- Back](https://securedorg.github.io/RE102/section3.2) | [Next -> Section 4.1](https://securedorg.github.io/RE102/section4.1)