Malware Analysis

What is malware?

“Some sort of unknown malicious software is called malware.”



Key Terminology of Malicious Software

–    Virus: a computer program that is usually hidden within another seemingly innocuous program, produces copies of itself and inserts them into other programs, and usually performs a malicious action such as destroying data.

–    Worm: a usually small self-contained and self-replicating computer program that invades computers on a network and usually performs a destructive action.

–    Trojan Horse: a seemingly useful computer program that contains concealed instructions which, when activated, perform an illicit or malicious action such as destroying data files.

–    Spyware: software that is installed on a computer without the user’s knowledge and transmits information about the user’s computer activities over the Internet.

–    Adware: software that provides advertisers with information about the user’s browsing habits, thus allowing the advertiser to serve targeted ads.

–    Backdoor: Bypasses normal security controls to give an attacker unauthorized access.

–    Rootkit: Trojan horse backdoor tools that modify existing operating system software so that an attacker can keep access to a machine and hide on it.

–    Sniffer: an application used to monitor and analyze network traffic.

–    Reverse Code Engineering: the process of disassembling software to reveal how the software functions.

–    Disassembler: a program that takes a program’s executable (exe) binary as input and generates text files containing the assembly language code for the entire program or parts of it.

–    Debugger: a program that allows software developers to observe their program while it runs.

–    Decompiler: a program that takes an executable binary file and attempts to produce readable high-level language code from it.


Types of Malware Analysis

–    Static malware analysis

–    Dynamic malware analysis

–    Memory analysis


Looking into malicious software involves a variety of tasks, some simpler than others. These efforts can be grouped into stages based on the nature of the associated malware analysis techniques and expertise.


Stages of Malware Analysis

–    Fully automated analysis: mostly scripts and tools that scan the code automatically.

–    Static malware analysis: virus scanner, IDA, disassembler, registry editor, hex editor, image editor, packer detection, file analyzer.

–    Dynamic Malware analysis

–    Interactive behavior analysis

–    Manual code reversing

–    Memory analysis

–    Running processes, network connections, file fingerprints, memory diagnostics.
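A static first pass over a sample, as an added example (this is not code from the original post): it covers the file-fingerprint, file-analyzer and strings steps named in the stages above. The sample bytes are constructed here and are not real malware; the magic-byte table and the indicator patterns are assumptions chosen for illustration.

```python
import hashlib
import re
import struct

# Constructed sample input (not real malware): a minimal MZ/PE-shaped blob
# with a couple of embedded strings, so the triage functions have something
# to work on offline.
SAMPLE = (
    b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x40)  # DOS header, e_lfanew at 0x3C -> 0x40
    + b"PE\x00\x00" + b"\x00" * 20                  # PE signature followed by filler
    + b"http://example.invalid/update\x00"          # constructed indicator strings
    + b"cmd.exe /c whoami\x00"
    + b"\x01\x02\x03"
)

# Well-known magic bytes (assumed table); the static "file analyzer" step starts here.
MAGIC = {
    b"MZ": "PE executable (Windows)",
    b"\x7fELF": "ELF executable (Linux)",
    b"PK\x03\x04": "ZIP container (also docx, jar, apk)",
    b"%PDF": "PDF document",
}

# Hypothetical indicator patterns an analyst flags when reading extracted strings.
INDICATORS = {
    "url": re.compile(r"https?://\S+"),
    "shell": re.compile(r"\b(cmd\.exe|powershell)\b", re.I),
}


def fingerprints(data: bytes) -> dict:
    """File fingerprints: the hashes used to look a sample up in scanners and threat feeds."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256")}


def file_type(data: bytes) -> str:
    """Identify the container by magic bytes instead of trusting the file extension."""
    for magic, description in MAGIC.items():
        if data.startswith(magic):
            return description
    return "unknown"


def is_pe(data: bytes) -> bool:
    """Confirm the MZ stub really points at a PE signature (e_lfanew lives at offset 0x3C)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def printable_strings(data: bytes, min_len: int = 6) -> list:
    """Equivalent of the classic `strings` pass: runs of printable ASCII of min_len or more."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [match.decode("ascii") for match in re.findall(pattern, data)]


def suspicious_strings(strings: list) -> dict:
    """Group extracted strings by the indicator category they match."""
    hits = {category: [] for category in INDICATORS}
    for s in strings:
        for category, pattern in INDICATORS.items():
            if pattern.search(s):
                hits[category].append(s)
    return hits


def triage(data: bytes) -> dict:
    """Run the full static first pass and return a report dict."""
    strings = printable_strings(data)
    return {
        "type": file_type(data),
        "valid_pe": is_pe(data),
        "hashes": fingerprints(data),
        "string_count": len(strings),
        "indicators": suspicious_strings(strings),
    }


if __name__ == "__main__":
    report = triage(SAMPLE)
    print(f"type: {report['type']} (valid PE header: {report['valid_pe']})")
    for algo, digest in report["hashes"].items():
        print(f"{algo}: {digest}")
    for category, values in report["indicators"].items():
        print(f"{category}: {values}")
```

The hashes are what you submit to a scanner or threat feed; the magic-byte check and the e_lfanew walk catch files whose extension lies about their type; the strings pass is the cheapest way to spot URLs, commands and other indicators before any dynamic analysis is attempted.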


Six Steps of Incident Response in Malware Analysis

–    Preparation

–    Identification

–    Containment

–    Eradication

–    Recovery

–    Lessons learned


Minimizing the Harm Malware Can Do to a System

A better firewall is needed, with advanced signature detection rules and correlation that analyze any suspicious activity in inbound and outbound network packets. It also helps to add advanced protection for the system using anti-malware software such as ClamAV.

Learn how to use the Internet, e-mail services and banking services more safely. Employees and customers need a good level of awareness about cyber-crime incidents.
