0
I've started analyzing the Duqu's Driver which is gonna lead to the most of the its skeleton ... so I have no problem with static analysis but I want to debug it under windbg or IDA... so I've setup a virtual lab with vmware just like always and configured it for kernel debugging but I cannot set a Breakpoint at DriverEntry ..... so I got a nice range of memory address which is being repeated everytime but how can I set a BP on them so that I can hit it ? bu command just not working.... I have tried "on access memory bp" so ain't
Any good suggestion ?
Thanks
Edited by Pouyaaa, 18 December 2011 - 05:47 AM.
