CHAPTER 10

The Proper Way to Handle Files

 

Understanding the Portable Executable (PE) file is a must, as you saw in the previous chapter. You were able to discover the different characteristics of the PE file and what makes it tick. With this newfound basic knowledge of PE files, you are now better equipped to understand Windows malware.

When it comes to malware inspection, you always start with an unknown file. You have no idea, at first, whether the file is malicious. Therefore, it is important to handle the file with great care to avoid any unwanted incidents that might lead to a malware outbreak.

In this chapter, I will discuss how to properly handle unknown files. You will look at the file’s analysis life cycle, from transport to storage, ...
