About This Book
- Set the baseline towards performing malware analysis on the Windows platform and how to use the tools required to deal with malware
- Understand how to decipher x86 assembly code from source code inside your favourite development environment
- A step-by-step based guide that reveals malware analysis from an industry insider and demystifies the process
Who This Book Is For
This book is best for someone who has prior experience with reverse engineering Windows executables and wants to specialize in malware analysis. The book presents the malware analysis thought process using a show-and-tell approach, and the examples included will give any analyst confidence in how to approach this task on their own the next time around.
What You Will Learn
- Use the positional number system for clear conception of Boolean algebra that applies to malware research purposes
- Get introduced to static and dynamic analysis methodologies and build your own malware lab
- Analyze destructive malware samples from the real world (ITW) from fingerprinting and static/dynamic analysis to the final debrief
- Understand different modes of linking and how to compile your own libraries from assembly code and integrate the code in your final program
- Get to know about the various emulators, debuggers and their features, and sandboxes and set them up effectively depending on the required scenario
- Deal with other malware vectors such as PDF and MS Office-based malware as well as scripts and shellcode
This book will start with the basics of computing fundamentals such as number systems and Boolean algebra. Further, you'll learn about x86 assembly programming and its integration with high-level languages such as C++. You will understand how to decipher disassembly code obtained from the compiled source code and map it back to its original design goals. By delving into end-to-end analysis with real-world malware samples to solidify your understanding, you'll sharpen your technique of handling destructive malware binaries and vector mechanisms. You will also be encouraged to consider analysis lab safety measures so that there is no infection in the process.
Finally, we'll have a well-rounded tour of various emulations, sandboxing, and debugging options so that you know what is at your disposal when you need a specific kind of weapon in order to nullify the malware.
To view this DRM protected ebook on your desktop or laptop you will need to have Adobe Digital Editions installed. It is a free software. We also strongly recommend that you sign up for an AdobeID at the Adobe website. For more details please see FAQ 1&2. To view this ebook on an iPhone, iPad or Android mobile device you will need the Adobe Digital Editions app, or BlueFire Reader or Txtr app. These are free, too. For more details see this article.
|Size: ||9.3 MB|
|Publisher: ||Packt Publishing|
|Date published: || 2015|
|ISBN: ||2370006809685 (DRM-EPUB)|
|Read Aloud: ||not allowed|