INTRODUCTION TO MALWARE ANALYSIS
Hussein Muhaisen
AKA System Exploited
WHAT IS MALWARE?
• Malware is a binary that performs malicious activities.
• Malware is used by attackers to perform malicious actions, gain control over their targets, or spy on them.
• RATs, keyloggers, ransomware: these are all examples of malware that are widely common and in use today.
TYPES OF MALWARE
• Virus or Worm: Malware that is capable of copying itself and spreading to other computers. A virus needs user intervention, whereas a worm can spread without user intervention.
• Trojan: Malware that disguises itself as a regular program to trick users into installing it on their systems. Once installed, it can perform malicious actions such as stealing sensitive data, uploading files to the attacker's server, or monitoring webcams.
• Backdoor / Remote Access Trojan (RAT): A type of Trojan that enables the attacker to gain access to and execute commands on the compromised system.
• Botnet: A group of computers infected with the same malware (called bots), waiting to receive instructions from the command-and-control server controlled by the attacker. The attacker can then issue a command to these bots, which can perform malicious activities such as DDoS attacks.
• Ransomware: Malware that holds the system for ransom by locking users out of their computer or by encrypting their files.
• Rootkit: Malware that provides the attacker with privileged access to the infected system and conceals its presence or the presence of other software.
WHAT IS MALWARE ANALYSIS?
• Malware analysis is the process of analyzing a malware sample to extract as much information from it as possible. It is important because understanding how the malware functions, how it spreads, and what type of malware it is helps us defend against future attacks.
Static analysis
Dynamic analysis
Code analysis
Behavioral analysis
Static analysis is the process of analyzing malware without executing it. The main goal is to extract as much information as possible. Example: strings.
Dynamic analysis is the process of analyzing the malware and how it functions by executing it. The purpose of this process is to see what the malware does and how it behaves.
Code analysis is the process of reverse engineering the malware; basically, this process is analyzing how the malware is written.
Behavioral analysis is the process of monitoring the malware after execution. The purpose of this process is to monitor every resource that the malware modifies or communicates with. Examples: registry entries and network packets.
WHAT'S NEXT?
• Set up a dedicated, isolated environment for analyzing malware.
• Learn Windows internals and Linux internals, and how computers work in general.
• Learn and understand programming, mostly assembly and C/C++, and Java.
• Understand network fundamentals.
• Understand the operating system architecture.
THANK YOU <3