Which of the following types of instructions should the analyst use to understand how the malware was obfuscated and to help deobfuscate it?

During an incident investigation, a security analyst acquired a malicious file that was used as a backdoor but was not detected by the antivirus application. After performing a reverse-engineering procedure, the analyst found that part of the code was obfuscated to avoid signature detection.

Which of the following types of instructions should the analyst use to understand how the malware was obfuscated and to help deobfuscate it?
A . MOV
B . ADD
C . XOR
D . SUB
E . MOVL

Answer: C

Latest CS0-002 Dumps Valid Version with 220 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments