Self-study materials on the fundamentals of malware analysis

Amanda Rousseau's self-learning materials for her Malware Unicorn workshop are a fantastic introduction to understanding and analyzing malware, covering the techniques used by malware authors, reverse-engineering tools, and three kinds of analysis: triage, static and dynamic.


This won't turn you into a malware researcher overnight, but they're extraordinarily well-organized and well-presented materials that will complement any effort to become an information security practitioner.


Game Plan

*
Determine what are the goals

*
Get to just what you need, or

*
Know enough to recreate it

*
Use reconnaissance and triage skills to determine a target starting point

*
Work step by step to get to your goals

*
Record your findings through the analysis

Analysis Flow for Malware Analysis

*
Setup a baseline analysis environment

*
Triage to determine a starting point

*
Static Analysis – Get a sense of where everything is before debugging

*
Dynamic Analysis – Determine behaviors that can’t be understood by static analysis

*
Manual Debugging – Stepping through the program to navigate to your goals

Malware Unicorn

[Amanda Rousseau/Secured.org]


(via 4 Short Links)