Portable Execution (PE) format internals!

All this low level stuff also got me thinking about the first ever Windows worm I had to deal with when working at a previous company - The Nimda Worm (http://en.wikipedia.org/wiki/Nimda.

This was the first every worm that I had captured and analysed myself - to do so needed an understanding of the Windows Portable Executable (PE) format and these links where just what I needed:



Happy Days.....

Comments (0)

Skip to main content