I'm newbie in analyzing Malware. I've installed IDA pro to analyze an malware by name LAb-5 01.dll As soon as i entered i've loaded the .dll file .But i donot know how to find the address of dllMain.Any help will be appreciated.
Asked
Active
Viewed 2,003 times
1 Answers
0
There are many ways to locate DLLMain using IDA Pro.
Once you open the DLL you are pointed directly to DLLMain. To know the address you can go to "Options" --> "General" and check "Line Prefixes". This will show that DllMain function is located at 0x1000D02E:
There are other ways to find it using IDA Pro. You can also search the symbol using the option "Search" --> "text" and writing "DllMain". It might not land in the function definition but you can double-click the symbol to go to the definition.
Another option is going to the Function Window at "Windows" --> "Functions window" (or Alt+1) and scroll until you find DllMain.
newlog
- 1,050
- 1
- 11
- 23