Now that you know what malware is and why malware analysis is critical for any organization, let's look at some basic tools used in the analysis of malware infections. This session begins with an introduction to basic malware analysis tools such as SysInternals, MAP pack, 010, PE Viewer, disassembler, Cygwin, Notepad++, and 7zip. Though there are several tools available in the market today, you should ensure that the tools are not driving your analysis. You'll also learn some tips to keep in mind when installing these tools. Further into the class, we'll use an example to explain how to analyze a potential malware file using the VirusTotal tool (available online). VirusTotal helps you learn the history of the malware and find similar instances of the file. You'll also learn that certain file types (or malware) display a PDF when the file is executed, to avoid any suspicion.
Intro to Malware Analysis and Reverse Engineering
In this course you will learn how to perform dynamic and static analysis on all major file types, how to carve malicious executables from documents, how to recognize common malware tactics, and how to debug and disassemble malicious binaries.