iGuRu

Real-time Technology News. Opinions & Tweaks

home / dummies / Introduction to malware analysis

Introduction to malware analysis

What is Malware?

Malware is an executable or binary file that has (as the name implies) malicious intent.

guildma III 1200x640 1 - Introduction to malware analysis

Malware software is used by intruders to perform a variety of malicious actions such as:

  1. Target espionage through:
  • RAT's
  • Keyloggers
  1. Data exfiltration
  2. Data encryption and destruction
  3. Ransomware

Types of Malware

Malware refers to any binary or executable that is malicious, however, the malware is further classified based on its functionality. Here are the different types of malware:

  • Trojans - A type of malware that disguises itself as a legitimate program for social engineering purposes. It can destroy and eliminate data and can also be used for espionage.
  • RAT's - A type of malware that allows an attacker to access and execute remote commands on the system. Its functionality can be extended with modules such as keyloggers.
  • Ransomware - A type of malware that encrypts all files on the system and saves the system and its data for ransom.
  • Dropper - A type of malware intended to download / drop additional malware.

What is malware analysis?

Malware analysis is the process of analyzing a sample / binary malware software and extracting as much information as possible from it. The information we export helps us to understand the scope of malware functionality, how the system was infected by malware and how to defend against similar attacks in the future.

does malware exist.jpg - Introduction to malware analysis

Malware analysis data:

  • Understand the type of malware and the full range of what it can do (functionality). Is it Keylogger, RAT or
  • How the system was infected by malware. Is it a targeted attack or an e-fishing attack?
  • How it communicates with the intruder.
  • To remove useful pointers such as registry entries / keys and filenames in order to create signatures that can be used to detect future detection.

Types of malware analysis:

  • Static analysis - It is the process of analyzing malware without executing or executing it. The goal is to extract as much metadata as possible from the malware. Example; strings, headers
  • Dynamic analysis - It is the process of executing malware and analyzing its functionality and behavior. The goal is to understand exactly how and what malware does during execution. This is done in a debugger.
  • Code Analysis - This is the process of code analysis / reverse engineering. This can be done both statically and dynamically (Static and dynamic code analysis)
  • Behavioral analysis - It is the process of analyzing and monitoring malware after execution. It includes monitoring the processes, registry entries and network monitoring to determine the malware.

Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News

Competition: dummiestag: malware, malware

You May Also Like

Freki - Malware Analysis Platform
Microsoft warns of Adrozek infecting browsers
hijackthis: Find malware, adware and other security threats

Reader Interactions

Comment Policy:

IGuRu.gr does not publish the comments immediately. Malicious comments, comments that include ads, or comments that are offensive are deleted without notice. We do not adopt the opinions expressed by our readers.
Your comments will be displayed after approval by the administrators

Leave your comment

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *