Chapter 6

Analysis of a Malware Specimen

Solutions in this chapter:

• Goals

• Guidelines for Examining a Malicious File Specimen

• Establishing the Environment Baseline

• Pre-execution Preparation: System and Network Monitoring

• Execution Artifact Capture: Digital Impression and Trace Evidence

• Executing the Malware Specimen

• Execution Trajectory Analysis: Observing Network, Process, API, File System, and Registry Activity

• Automated Malware Analysis Frameworks

• Online Malware Analysis Sandboxes

• Defeating Obfuscation

• Embedded Artifacts Revisited

• Interacting with and Manipulating the Malware Specimen: Exploring and Verifying Specimen Functionality and Purpose

• Event Reconstruction and Artifact Review: Post-run Data Analysis

• Digital ...

Get Malware Forensics Field Guide for Windows Systems now with the O’Reilly learning platform.