Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Arrow up icon
GO TO TOP
Learning Malware Analysis

You're reading from   Learning Malware Analysis Explore the concepts, tools, and techniques to analyze and investigate Windows malware

Arrow left icon
Product type Paperback
Published in Jun 2018
Publisher
ISBN-13 9781788392501
Length 510 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Monnappa K A Monnappa K A
Author Profile Icon Monnappa K A
Monnappa K A
Arrow right icon
View More author details
Toc

Table of Contents (13) Chapters Close

Preface 1. Introduction to Malware Analysis FREE CHAPTER 2. Static Analysis 3. Dynamic Analysis 4. Assembly Language and Disassembly Primer 5. Disassembly Using IDA 6. Debugging Malicious Binaries 7. Malware Functionalities and Persistence 8. Code Injection and Hooking 9. Malware Obfuscation Techniques 10. Hunting Malware Using Memory Forensics 11. Detecting Advanced Malware Using Memory Forensics 12. Other Books You May Enjoy

5. Bitwise Operations

In this section, you will learn the assembly instructions that operate on the bits. The bits are numbered starting from the far right; the rightmost bit (least significant bit) has a bit position of 0, and the bit position increases toward the left. The left-most bit is called the most significant bit. The following is an example showing the bits and the bit positions for a byte, 5D (0101 1101). The same logic applies to a word, dword, and qword:

One of the bitwise instructions is the not instruction; it takes only one operand (which serves as both the source and destination) and inverts all of the bits. If eax contained FF FF 00 00 (11111111 11111111 00000000 00000000), then the following instruction would invert all of the bits and store it in the eax register. As a result, the eax would contain 00 00 FF FF (00000000 00000000 11111111 11111111...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image