Volume 7 Number 8 (Aug. 2012)
JSW 2012 Vol.7(8): 1706-1712 ISSN: 1796-217X
doi: 10.4304/jsw.7.8.1706-1712

Reverse Analysis of Malwares: A Case Study on QQ Passwords Collection

Luo Wenhua, Li Na, and Tang Yanjun
Computer Crime Investigation Department of China Criminal Police University, Shenyang, China

Abstract—Malware analysis is becoming an important specialization in the field of digital investigation. Reverse analysis is the most common method of analyzing malware. It is an advanced and efficient method that exposes the intention and processes of malware. This paper introduces the basic concepts, methods, and tools of reverse analysis. A real case study of malware in China, used to obtain QQ account information and passwords, is presented to illustrate the whole reverse analysis process, covering pack checking, unpacking, breakpoint setting, program tracing, anti-kill techniques, and key information acquisition.

Index Terms—Malware; Digital Investigation; Reversing; QQ Passwords Collecting; Start Function; Shell; Windows API


Cite: Luo Wenhua, Li Na, and Tang Yanjun, "Reverse Analysis of Malwares: A Case Study on QQ Passwords Collection," Journal of Software vol. 7, no. 8, pp. 1706-1712, 2012.
