Table of Contents for Advanced Malware Analysis by Christopher Elisan
Cover
Title Page
Copyright Page
Dedication
Contents at a Glance
Contents
Foreword
Acknowledgments
Introduction
Part I Malware Blueprint
  Chapter 1 Malware Analysis 101
    Malware Analysis
      Malware Analysis and Reverse Engineering
      Types of Malware Analysis
      Purpose of Malware Analysis
      Limitations of Malware Analysis
      The Malware Analysis Process
    The Effective Malware Analyst
      Familiarization with Malware
      Familiarization with Analysis Tools
      Patience
    Recap
  Chapter 2 Malware Taxonomy
    Malware Classes
      Infectors
      Network Worms
      Trojan Horse
      Backdoors
      Remote-Access Trojan
      Information Stealers
      Ransomware
      Scareware
      Fakeware
      Greyware
    Recap
  Chapter 3 Malware Deployment
    Malware Infection Vectors
      Speed
      Stealth
      Coverage
      Shelf Life
    Types of Malware Infection Vectors
      Physical Media
      E-mails
      Instant Messaging and Chat
      Social Networking
      URL Links
      File Shares
      Software Vulnerabilities
    Potential Infection Vectors
    Recap
  Chapter 4 Protective Mechanisms
    The Two States of Malware
      Static Malware
      Dynamic Malware
    Protective Mechanisms
      Static Malware Protective Mechanisms
      Dynamic Malware Protective Mechanisms
    Recap
  Chapter 5 Malware Dependencies
    Dependency Types
      Environment Dependencies
      Program Dependencies
      Timing Dependencies
      Event Dependencies
      User Dependencies
      File Dependencies
    Recap
Part II Malware Research Lab
  Chapter 6 Malware Collection
    Your Own Backyard
      Scan for Malicious Files
      Look for Active Rootkits
      Inspect Startup Programs
      Inspect Running Processes
      Extract Suspicious Files
    Free Sources
      Contagio
      KernelMode.info
      MalShare.com
      Malware.lu
      Malware Blacklist
      Malwarebytes Forum
      Malekal's Forum
      Open Malware
      Tuts4You
      VirusShare.com
      VX Heaven
    Malware Trackers
    Research Mailing Lists
    Sample Exchange
    Commercial Sources
    Honeypots
      Dionaea
    Recap
    Tools
  Chapter 7 Static Analysis Lab
    The Static Analysis Lab
      Host File Inspection Tools
      Mitigate Possible Infection
      Mitigate Becoming a Malware Staging Point
      Anonymous Communication
    Setting Up the Lab
      Choose the Hardware
      Install the Operating System
      Harden the Lab
      Anonymize the Lab
      Isolate the Lab
    The Virtualized Static Analysis Lab
    Backing Up and Restoring
    Recap
    Tools
  Chapter 8 Dynamic Analysis Lab
    Setting Up the Lab
      Choose the Hardware
      Install the Operating System
      Make the Lab Malware Friendly
      Anonymize the Lab
      Isolate the Lab
    Restoring to a Clean State
      Virtualized Environment Clean State Restoration
      Bare-Metal Environment Clean State Restoration
    Backing Up and Restoring
      The Golden Image
      Host OS
      Other Systems Supporting the Lab
    Recap
    Tools
Part III Malware Inspection
  Chapter 9 The Portable Executable File
    The Windows Portable Executable File
      The PE File Format
      Relative Virtual Address
      PE Import Functions
      PE Export Functions
      64-Bit PE File Format
    Recap
    Tools
  Chapter 10 The Proper Way to Handle Files
    File's Analysis Life Cycle
      Transfer
      Analysis
      Storage
    Recap
    Tools
  Chapter 11 Inspecting Static Malware
    Static Analysis Techniques
      ID Assignment
      File Type Identification
      Antivirus Detection
      Protective Mechanisms Identification
      PE Structure Verification
      Strings Analysis
    Recap
    Tools
  Chapter 12 Inspecting Dynamic Malware
    Virtual vs. Bare Metal
    Dynamic Analysis
      Analyzing Host Behavior
      Analyzing Network Behavior
      Dynamic Analysis Limitations
    Recap
    Tools
  Chapter 13 Tools of the Trade
    Malware Analysis Use Cases
    Malware Analyst Toolbox
    Tools of the Trade
      Sysinternals Suite
      Yara
      Cygwin
      Debuggers
      Disassemblers
      Memory Dumpers
      PE Viewers
      PE Reconstructors
      Malcode Analyst Pack
      Rootkit Tools
      Network Capturing Tools
      Automated Sandboxes
      Free Online Automated Sandbox Services
    Recap
    Tools
Part IV Appendixes
  Appendix A Tools List
  Appendix B List of Laboratories
  Appendix C Volatility Framework Basic Plug-ins
Index