Portable Execution (PE) format internals!

All this low level stuff also got me thinking about the first ever Windows worm I had to deal with when working at a previous company – The Nimda Worm (http://en.wikipedia.org/wiki/Nimda.

This was the first every worm that I had captured and analysed myself – to do so needed an understanding of the Windows Portable Executable (PE) format and these links where just what I needed:



Happy Days…..

Comments (0)

Skip to main content