Tag: PE-files

• Finding the PE Magic header using Windbg

  I have been learning Windbg lately and try to apply what I have learnt via simple experiments on Window files. Here is how I was able to extract the magic header – MZ of an EXE image. After opening the binary into Windbg, First, lets get the image base address using lm (load modules). The…

  raghavan

  September 26, 2024

  binary files, magic number, malware-analysis, Uncategorized

  malware-analysis, PE-files, python, windbg