Malware Analysis | IntelOverflow

#theme-toggle,.top-link{display:none}@media(prefers-color-scheme:dark){:root{--theme:#1d1e20;--entry:#2e2e33;--primary:rgba(255, 255, 255, 0.84);--secondary:rgba(255, 255, 255, 0.56);--tertiary:rgba(255, 255, 255, 0.16);--content:rgba(255, 255, 255, 0.74);--hljs-bg:#2e2e33;--code-bg:#37383e;--border:#333}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}

Practical Malware Analysis: LAB 01

Let’s kick it off. The first chapter of PMA was an introduction to Basic Static Analysis. Although there’s a unique set of tools used in the book, I’d be improvising and testing other tools which might achieve the same purpose. Tooling I’ll be using the following tools/services for this chapter: [I’m diverting from the toolset used by the author… mainly because they’re outdated] PEStudio PEView PEID ExeInfoPE VirusTotal Exercise 1 Hash Filename BB7425B82141A1C0F7D60E5106676BB1 Lab01-01....

Practical Malware Analysis: LAB 05

Previously, we covered Basic Static Analysis and Basic Dynamic Analysis in Chapter 1 and 3 of Practical Malware Analysis. That marks an end to the first part of the book. The fourth chapter kicks off the second part of the book and takes a slight detour to cover one of the most important pre-requisites to perform malware analysis; assembly language. However, the crash course doesn’t have any exercises. It’s why we’ll be proceeding to exercises of the fifth chapter i....