Amanda Rousseau’s self-learning materials for her Malware Unicorn workshop are a fantastic introduction to understanding and analyzing malware, covering the techniques used by malware authors, reverse-engineering tools, and three kinds of analysis: triage, static and dynamic.
These won’t turn you into a malware researcher overnight, but they’re extraordinarily well-organized and well-presented materials that will complement any effort to become an information security practitioner.
Game Plan

- Determine what the goals are:
  - Get to just what you need, or
  - Know enough to recreate it
- Use reconnaissance and triage skills to determine a target starting point
- Work step by step to get to your goals
- Record your findings throughout the analysis

Analysis Flow for Malware Analysis

- Set up a baseline analysis environment
- Triage to determine a starting point
- Static Analysis – Get a sense of where everything is before debugging
- Dynamic Analysis – Determine behaviors that can’t be understood by static analysis
- Manual Debugging – Step through the program to navigate to your goals
[Amanda Rousseau/Secured.org]
(via 4 Short Links)