SecurityXploded Blog

Training Session Part 7 – Practical Reversing (II) – Unpacking UPX

Here is the quick update from our this month’s Local Security meet (sx/null/g4h/owasp) where Nagareshwar did splendid session on ‘Practical Reversing (II) – Unpacking. This is part of our ongoing FREE ‘Reversing & Malware Analysis Training’ started since our Jan 2012 meet.



In this interesting practical session, he demonstrated How to manually unpack UPX packed binaries with the help of Ollydbg and Ollydump plugin. He also demonstrated rebuilding of IAT( Import Address Table) using ImpRec tool.


This presentation is already on our Security Presentations page. For those who could not attend this offline session, it also includes demonstration video. Video is not visible on live presentation (issues with slideshare). So you need to download it offline to view the embedded video in presentation.


Special Thanks to Nagareshwar for putting up lot of his personal time and efforts in the midst of his busy schedule to deliver fine session!


Our next session will be on ‘Practical Reversing Part – 3 (Memory Forensics) ‘ where Monnappa will show you how to inspect memory for malicious evidences which includes extraction and analysis of volatile memory images.


So stay tuned to our next meet for yet another exciting session.


— Amit Malik

Leave a Reply