#1
Question|IDA PRO
Hello!
I downloaded IDA PRO 6.6, 6.5 and wanted to know how I can check if the file I got is a clean (no virus) version. Thanks!
#2
Anyway, to be specific to your question: you have to make sure 1. you unpacked the file (if it's packed), 2. don't run the file by mistake (use a lab environment, that's why). Then figure out what it will do/does (again, running it in a sandboxed environment will yield your result much easier). This is the basics. But each of the steps involves complexity. You can check different malware analysis sites on the net for examples.
#3
I recommend you read Practical Malware Analysis; it's a very good introduction to the subject.
#4
Maybe Ilfak puts the MD5 of his genuine installers somewhere? (not sure)...
#5
Maybe registered users can ask Ilfak about the MD5/SHA1 or check it by themselves, and be kind enough to post the hash value here. So that we in this forum can be sure that the setup was original.
(sorry for my terrible English)
#6
I have no problem starting from there; I just want to read more opinions and thoughts.
x64/32_dbg: I have no idea about it. I just wanted to check IDA, and about running VMware, I will do it later. I thought I could find my answer here. Sorry if I spammed or was unclear, I just cannot find instructions on Google. Thanks all for the responses and please don't junk.
#7
It cannot detect malware. My closest assumption is that you are asking whether the file is packed or not. You can check that by loading it up in any disassembler. There is no standard rule of thumb to do so. But usually packed files have a custom stub for unpacking and the OEP re-routed to this custom stub. Use available 3rd-party packer analyzers for now.
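A rough static check for the indicator described in the post above (entry point routed into a section other than the usual first code section), as an added example that is not part of the thread; the entropy and write+execute checks go beyond what the post mentions. `packer_hints`, `build_sample` and the `.pack` section name are made up here, the sample image is constructed, and the output is a set of heuristics, not a verdict on whether a file is malicious.

```python
import math
import struct
from collections import Counter

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; values near 8 suggest compressed or encrypted data."""
    n = len(data)
    return sum(c / n * math.log2(n / c) for c in Counter(data).values()) if n else 0.0

def packer_hints(pe: bytes) -> dict:
    """Find the section that holds the entry point and report common packer indicators."""
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[:2] != b"MZ" or pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    # COFF header: NumberOfSections at +6, SizeOfOptionalHeader at +20
    nsec, opt_size = struct.unpack_from("<H12xH", pe, e_lfanew + 6)
    opt = e_lfanew + 24
    entry_rva = struct.unpack_from("<I", pe, opt + 16)[0]  # AddressOfEntryPoint
    for i in range(nsec):
        off = opt + opt_size + 40 * i  # section headers are 40 bytes each
        name, vsize, va, rsize, rptr = struct.unpack_from("<8sIIII", pe, off)
        flags = struct.unpack_from("<I", pe, off + 36)[0]
        if va <= entry_rva < va + max(vsize, rsize):
            return {
                "entry_section": name.rstrip(b"\0").decode("latin-1"),
                "entry_in_first_section": i == 0,
                # IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_WRITE
                "writable_and_executable": (flags & 0xA0000000) == 0xA0000000,
                "entropy": round(entropy(pe[rptr:rptr + rsize]), 2),
            }
    return {"entry_section": None}  # entry point lies outside every section

def build_sample(entry_rva: int) -> bytes:
    """Constructed two-section PE32 image: zero-filled .text, high-entropy .pack."""
    img = bytearray(0x200)
    img[:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x40)                  # e_lfanew
    img[0x40:0x44] = b"PE\0\0"
    struct.pack_into("<HH12xH", img, 0x44, 0x14C, 2, 0xE0)   # i386, 2 sections
    struct.pack_into("<H14xI", img, 0x58, 0x10B, entry_rva)  # PE32 magic, entry point
    sections = [(b".text", 0x1000, 0x200, 0x60000020), (b".pack", 0x2000, 0x400, 0xE0000020)]
    for i, (name, va, rptr, flags) in enumerate(sections):
        struct.pack_into("<8sIIII12xI", img, 0x138 + 40 * i, name, 0x200, va, 0x200, rptr, flags)
    return bytes(img) + bytes(0x200) + bytes(range(256)) * 2

if __name__ == "__main__":
    print(packer_hints(build_sample(0x1000)))  # entry point in .text
    print(packer_hints(build_sample(0x2010)))  # entry point in .pack
```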
#8
|
||||
|
||||
This is just a classic case of a new malware reverser wanting to jump headfirst into reversing with IDA Pro 6.6 instead of taking a step back and READING SOME RECOMMENDED LITERATURE by many many many members of every reversing community ever...:
Reversing: Secrets of Reverse Engineering - by Eldad Eilam
The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler - by Chris Eagle
but for both of these it would help to know how to program before.... I suggest you don't use any of this crap and learn some C++.
#9
I think some of you guys give the wrong answer to "Stitch".
He downloaded IDA Pro v6.6, 6.5 and he wants to use it! He is asking how to be sure the file he downloaded is clean! I mean IDA itself! No virus or trojan bound to it.
#10
|
||||
|
||||
tK! - yes, that was my opinion too. I believe some or all of the full installer exe files did have an MD5 given.
Git
#11
Most of them do