This document provides an overview of API malware analysis and forensics. It discusses the importance of analyzing API calls to detect malware, as APIs are increasingly being targeted by attackers. The document outlines various types of API malware attacks and techniques used for API malware detection, including signature-based detection, behavior-based detection, and machine learning-based detection. It also describes methods for analyzing API calls like static analysis and dynamic analysis to identify malicious code. Real-world examples of API malware attacks on companies like Facebook, Twitter, and Uber are also provided.