The demand for techniques that can be used to improve the analysis
process of Windows x64 binaries will only increase as the Windows
x64 platform becomes more accepted and used in the market place.
There is a deluge of useful information surrounding techniques that
can be used to perform code and data flow analysis that is also
applicable to the x64 architecture. However, techniques that can be
used to better annotate and streamline the initial analysis phases,
such as identifying functions and describing their stack frames, is
still a ripe area for improvement at the time of this writing. For
that reason, this paper will start by describing some of the changes
that have been made to support Windows x64 binaries. This
background information is useful because it serves as a basis for
understanding a few basic techniques that may be used to improve
some of the initial analysis phases. During the course of this
paper, the term Windows x64 binary will simply be reduced
to x64 binary in the interest of brevity.