| ||||||||||||
| |||||
Disassembly can be tricky at times. When you disassemble a program, you are throwing the contents of the program into memory. It’s not uncommon during an involved analysis to accidentally execute the code. Because of this, many disassemblers do their work on a separate machine, which is not their work or primary home computer. Others run the decoding process in a virtual session.
No matter which environment you choose, be careful. Nothing is more embarrassing than the security professional accidentally releasing malicious code. In my 15+-year career, this has happened to me only once, and that was during my first year of malware code analysis.
| |||||