2014 class material
Changes:
- Added common string encodings (UTF-8, UTF-16, etc.)
- Added packer categories and references
- Updated Generic RE Algorithm
- Added instructions for using PDFStreamDumper to extract shellcode from a PDF
- Minor formatting changes
- Added sdhash reference to Triage section
- Added shellcode example-specific decoding IDC script
As before, the Malware ZIP is an encrypted zip with a password of "infected" (without the quotes). All of the .exe files have been renamed to .ex_.