This is the code repository for Malware Analysis Techniques, published by Packt.
Tricks for the triage of adversarial software
Malicious software poses a threat to every enterprise globally. Its growth is costing businesses millions of dollars due to currency theft as a result of ransomware and lost productivity. With this book, you'll learn how to quickly triage, identify, attribute, and remediate threats using proven analysis techniques.
This book covers the following exciting features:
- Discover how to maintain a safe analysis environment for malware samples
- Get to grips with static and dynamic analysis techniques for collecting IOCs
- Reverse-engineer and debug malware to understand its purpose
- Develop a well-polished workflow for malware analysis
- Understand when and where to implement automation to react quickly to threats
If you feel this book is for you, get your copy today!
Here, you will find the sample packs that correspond with the chapter walkthroughs and challenges in the book. Please note that there is live malware in these archives in several instances. As such, the archives are password protected with the password "infected".
All of the code is organized into folders. For example, Chapter02.
The code will look like the following:
if (test expression)
{
Statement upon condition is true
}
Following is what you need for this book: This book is for incident response professionals, malware analysts, and researchers who want to sharpen their skillset or are looking for a reference for common static and dynamic analysis techniques. Beginners will also find this book useful to get started with learning about malware analysis. Basic knowledge of command-line interfaces, familiarity with Windows and Unix-like filesystems and registries, and experience in scripting languages such as PowerShell, Python, or Ruby will assist with understanding the concepts covered.
With the following software and hardware list you can run all code files present in the book (Chapter 1-11).
| Chapter | Software required | OS required |
|---|---|---|
| 1-11 | VMware Fusion, VirtualBox, or VMware Workstation | Windows or macOS |
| 1-11 | FlareVM | Windows or macOS |
We also provide a PDF file that has color images of the screenshots/diagrams used in this book. Click here to download it.
Dylan Barker is a technology professional with ten years’ experience in the information security space, in industries ranging from K12 and telecom to financial services. He has held many distinct roles from security infrastructure engineering to vulnerability management. In the past, he has spoken at BSides events, and has written articles for CrowdStrike - where he is currently employed as a Senior Analyst.
If you have already purchased a print or Kindle version of this book, you can get a DRM-free PDF version at no cost.
Simply click on the link to claim your free PDF.