A forum for reverse engineering, OS internals and malware analysis 

Ask your beginner questions here.
 #30535  by xors
 Mon Jul 03, 2017 7:25 pm
set a BP to "call edi" in order to continue your analysis

Edit 2: Forgot to mention that it's Andromeda malware
Attachments
password:infected
(15.16 KiB) Downloaded 13 times