all InfoSec news
Igor’s Tip of the Week #149: Using symbolic constants in the decompiler
July 21, 2023, 5:56 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
We’ve covered the usage of symbolic constants (enums) in the disassembly. but they are also useful in the pseudocode view.
Reusing constants from disassembly
If a number has been converted to a symbolic constant in the disassembly and it is present in unchanged form in pseudocode, the decompiler will use it in the output. For example, consider this call:
.text:00405D72 push 1 ; nShowCmd
.text:00405D74 cmovnb eax, [esp+114h+lpParameters]
.text:00405D79 push 0 ; lpDirectory
.text:00405D7B push eax ; lpParameters
.text:00405D7C …
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
Principal Security Engineer
@ Elsevier | Home based-Georgia
Infrastructure Compliance Engineer
@ NVIDIA | US, CA, Santa Clara
Information Systems Security Engineer (ISSE) / Cybersecurity SME
@ Green Cell Consulting | Twentynine Palms, CA, United States
Sales Security Analyst
@ Everbridge | Bengaluru
Alternance – Analyste Threat Intelligence – Cybersécurité - Île-de-France
@ Sopra Steria | Courbevoie, France
Third Party Cyber Risk Analyst
@ Chubb | Philippines