aljaz/securedorg.github.io
1
0
Fork 0
mirror of https://github.com/aljazceru/securedorg.github.io.git synced 2025-12-22 00:14:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
b97eff6b3b6db12c25fbaaad466f5eb3ebad51a0
securedorg.github.io/fundamentals2.md
Amanda Rousseau 6209db48e8 updating navigation
2017-03-08 13:02:06 -08:00

742 B
Raw Blame History

layout, permalink, title
layout permalink title
default /RE101/section1.2/ Fundamentals

Go Back to Reverse Engineering Malware 101

Section 1.2: Fundamentals

Anatomy of a Windows PE C program

Typical windows programs are in the Portable Executable (PE) Format. Its portable because it contains information, resources, and references to dynamic-linked libraries (DLL) that allows windows to load and execute the machine code.

alt text

PE Header

Memory Layout

The Stack

Environment Setup <- Back | Next -> x86 Assembly