Malware Analysis Process

An unanalyzed life is not worth living.

—Socrates, c. 469–399 BC

Now that we have got a spiffy new malware analysis lab, whether real or mostly virtual, let's use it to look at some malicious software specimens. This section describes the processes and tools you can use to look at such code to determine its functionality. I frequently utilize this very same process myself, to analyze many different types of malicious code specimens, such as the viruses, backdoors, Trojan horses, RootKits, and kernel-modifying malware we've described throughout this book. Often, when I find an unusual program on one of my systems or receive a suspicious-looking attachment in e-mail, I apply this process to find out what's really going ...