2 Dec 09
Malware Tricks I
Today, while analyzing a family of malware (the family some vendors call "Krap"), I noticed a good and new, at least for me, anti-emulation technique. What do you think this sample code does?
some_func:
-
; Do stuff...
-
-
start:
-
push offset some_func
-
jmp edx