Malware Analysis - Salem73616C656D/reading-notes GitHub Wiki
Key Takeaways
Malware Analysis
How It Works:
- Breaks the malware down into understandable parts
- Investigates its characteristics
- Unravels its functionality
- Traces the malware's origin
- Tries to predict its impact
Process:
- Capture Malware
- Build Malware Lab
- Install Your Tools
- Record Baseline
- Commence Investigation
- Document Results
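The "Record Baseline" and "Document Results" steps are what make a detonation reproducible: you snapshot the lab before running the sample and diff afterwards, so every dropped, deleted or modified file is evidence rather than guesswork. The script below is an added example (not from the reading notes or any tool they cover) that hashes a directory tree before and after a simulated run and reports the delta; the directory contents and the "side effects" are constructed in a temporary folder, so nothing real is executed.

```python
import hashlib
import tempfile
from pathlib import Path


def snapshot(root):
    """Map every regular file under root (path relative to root) to its SHA-256.

    Run once before detonation (the baseline) and once after.
    """
    state = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            digest = hashlib.sha256(path.read_bytes()).hexdigest()
            state[str(path.relative_to(root))] = digest
    return state


def diff_snapshots(before, after):
    """Classify changes between two snapshots as added, removed or modified."""
    common = before.keys() & after.keys()
    return {
        "added": sorted(set(after) - set(before)),
        "removed": sorted(set(before) - set(after)),
        "modified": sorted(p for p in common if before[p] != after[p]),
    }


def demo():
    """Constructed scenario: baseline, simulated side effects, then the diff.

    The file names and edits here are made up for the example; they stand in
    for what a sandbox run would leave behind on a lab VM.
    """
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "config.ini").write_text("setting=1\n")
        (root / "notes.txt").write_text("hello\n")
        before = snapshot(root)                       # Record Baseline

        # Simulated side effects (constructed, no real sample involved):
        (root / "config.ini").write_text("setting=1\npersist=yes\n")  # modified
        (root / "dropped.bin").write_bytes(b"\x90" * 16)              # added
        (root / "notes.txt").unlink()                                   # removed

        after = snapshot(root)                        # post-run snapshot
        return diff_snapshots(before, after)          # Document Results


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind:9s} {paths}")
```

In a real lab the baseline would also cover registry hives, scheduled tasks, services and network listeners, but the principle is the same: hash everything you can before, compare after, and keep both snapshots with the report.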
Types of Malware Analysis:
- Static - examining static properties like metadata, headers, embedded assets, etc.
- Dynamic - allows malware to play itself out in a controlled environment
- Manual - breaking down the code manually using tools like debuggers, decompilers, and decrypters
- Automated
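Static analysis starts with properties you can read without running anything: file type from magic bytes, hashes for lookup and documentation, header fields, embedded strings, and byte entropy (a near-8.0 value suggests the body is packed or encrypted, so dynamic or manual analysis will be needed to see the real code). The triage script below is an added example, not code from the reading notes; it parses a constructed, harmless byte string shaped like a minimal PE file, and the machine-type table uses the standard PE header constants.

```python
import hashlib
import math
import re
import struct

# Constructed stand-in for a sample: a DOS/PE header, a few readable strings,
# and a pseudo-random tail in which every byte value occurs equally often
# (entropy exactly 8.0), imitating a packed region. Not a real binary.
_HIGH_ENTROPY_BLOCK = bytes((i * 131 + 7) % 256 for i in range(2048))
SAMPLE = (
    b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x80)   # DOS header, e_lfanew at 0x3C
    + b"\x00" * 64                                    # pad up to offset 0x80
    + b"PE\x00\x00" + struct.pack("<HH", 0x8664, 3)   # PE signature, Machine, NumberOfSections
    + b"\x00" * 20
    + b"This program cannot be run in DOS mode\x00"
    + b"http://example.invalid/beacon\x00"            # constructed indicator
    + b"CreateRemoteThread\x00"                        # API name worth noting
    + _HIGH_ENTROPY_BLOCK
)

MAGIC = {
    b"MZ": "PE/DOS executable",
    b"\x7fELF": "ELF",
    b"%PDF": "PDF",
    b"PK\x03\x04": "ZIP/OOXML",
}
# IMAGE_FILE_MACHINE_* values from the PE specification.
MACHINES = {0x014C: "x86", 0x8664: "x64", 0xAA64: "arm64"}


def file_type(data):
    """Identify the container by leading magic bytes."""
    for magic, name in MAGIC.items():
        if data.startswith(magic):
            return name
    return "unknown"


def hashes(data):
    """Digests used to look the sample up and to document it unambiguously."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256")}


def entropy(data):
    """Shannon entropy in bits per byte (0.0 for a constant file, 8.0 for uniform)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def strings(data, min_len=6):
    """Printable ASCII runs of at least min_len bytes, like the `strings` tool."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.decode("ascii") for m in re.findall(pattern, data)]


def pe_header(data):
    """Read e_lfanew and the first COFF fields; None if this is not a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        return None
    machine, nsections = struct.unpack_from("<HH", data, e_lfanew + 4)
    return {"e_lfanew": e_lfanew,
            "machine": MACHINES.get(machine, hex(machine)),
            "sections": nsections}


def triage(data):
    """Collect the static properties into one record for the analysis notes."""
    return {
        "type": file_type(data),
        "size": len(data),
        "hashes": hashes(data),
        "entropy": round(entropy(data), 3),
        "pe": pe_header(data),
        "strings": strings(data),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

Whole-file entropy is a coarse signal; real tooling computes it per section so a small packed stub is not hidden by a large plain resource area, but the calculation is the same.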
Vocabulary
Malware
- Software designed to infiltrate or damage a computer system without the owner's informed consent; any software that performs malicious actions, including information stealing, spying, etc.