IDA Pro Enhances Hostile Code Analysis Support

Hi,

IDA Pro is really amazing, new IDA ( 5.4 ) will have an innovative support for Hostile Code Analysis, that consists on a Bochs Emulated Debug Environment.

“The next version of IDA will be released with a bochs debugger plugin, and what is nice about is that you will be able to use it easily by just downloading bochs executables and telling IDA where to find it.”

“Finally comes the pe loader, which is a specialized bochs loader, that will read your PE file and create a virtual environment similar to windows environment, trying to mimic basic demands for a PE file (import resolution, SEH, api emulation backed by IDC scripts).”

What to say? is a really great enhancement for Malware Analysis😉

Here you can watch the first video on Bochs Debugging http://hex-rays.com/video/bochs_video_1.html

Regards,

Giuseppe ‘Evilcry’ Bonfa’🙂

2 Responses to IDA Pro Enhances Hostile Code Analysis Support

  1. b0ne says:

    Ida 5.3 is already out… presumably it will be Ida 5.4, but we’ll see…

  2. evilcodecave says:

    True it’s IDA 5.4, thanks!😉

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: