INTRODUCTION TO MALWARE ANALYSIS
Hussein Muhaisen
AKA System Exploited
WHAT IS MALWARE?
• Malware is a binary that performs malicious activities
• Malware is used by attackers to perform malicious actions and gain control over their targets or spy on them
• RATs, keyloggers, ransomware: these are all examples of malware that are widely common and used nowadays.
TYPES OF MALWARE
• Virus or Worm: Malware that is capable of copying itself and spreading to other computers. A virus needs user intervention, whereas a worm can spread without user intervention
• Trojan: Malware that disguises itself as a regular program to trick users into installing it on their systems. Once installed, it can perform malicious actions such as stealing sensitive data, uploading files to the attacker's server, or monitoring webcams
• Backdoor / Remote Access Trojan (RAT): This is a type of Trojan that enables the attacker to gain access to and execute commands on the compromised system
• Botnet: This is a group of computers infected with the same malware (called bots), waiting to receive instructions from the command-and-control server controlled by the attacker. The attacker can then issue a command to these bots, which can perform malicious activities such as DDoS attacks.
• Ransomware: Malware that holds the system for ransom by locking users out of their computer or by encrypting their files.
• Rootkit: Malware that provides the attacker with privileged access to the infected system and conceals its presence or the presence of other software.
WHAT IS MALWARE ANALYSIS?
• Malware analysis is the process of analyzing a malware sample in order to extract as much information from it as possible. Malware analysis is important because understanding how the malware functions, how it spreads, and what type of malware it is helps us defend against future attacks
• Static analysis
• Dynamic analysis
• Code analysis
• Behavioral analysis
Static analysis is the process of analyzing malware without executing it. The main goal is to extract as much information as possible from the file itself. Example: strings.
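As an added example (not code from the slides), a small Python static-analysis helper that extracts ASCII and UTF-16LE strings from a file image, hashes it, and groups strings that look like URLs, IPv4 addresses, DLL names and Windows paths. The byte blob SAMPLE is constructed for illustration and is not a real sample; the regex-based classification is a heuristic and names like analyze() are this example's own.

```python
import hashlib
import re

# Constructed, PE-flavoured byte blob with ASCII and UTF-16LE strings mixed
# into non-printable bytes. Not a real malware sample.
SAMPLE = (
    b"MZ\x90\x00\x03\x00\x00\x00"
    b"This program cannot be run in DOS mode.\r\n$"
    b"\x00\x01\x02\x7f\x80\xff"
    b"kernel32.dll\x00CreateRemoteThread\x00"
    b"http://example.invalid/update.bin\x00"
    b"\x10\x11"
    + "C:\\Users\\Public\\run.exe".encode("utf-16le") + b"\x00\x00"
    + b"\xde\xad\xbe\xef"
    + b"10.0.0.1\x00ab\x00"
)


def ascii_strings(data: bytes, min_len: int = 4) -> list:
    """Runs of printable ASCII bytes of at least min_len characters."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [m.group().decode("ascii") for m in pattern.finditer(data)]


def utf16le_strings(data: bytes, min_len: int = 4) -> list:
    """Runs of printable chars encoded as UTF-16LE (char, NUL), as Windows
    binaries commonly store paths and registry keys."""
    pattern = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    return [m.group().decode("utf-16le") for m in pattern.finditer(data)]


# Heuristic patterns for strings an analyst would want to see first.
INDICATOR_PATTERNS = {
    "url": re.compile(r"https?://[^\s\"']+"),
    "ipv4": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "dll": re.compile(r"\b\w+\.dll\b", re.IGNORECASE),
    "path": re.compile(r"[A-Za-z]:\\[^\s\"']+"),
}


def classify(strings: list) -> dict:
    """Group extracted strings by the indicator pattern they match."""
    found = {kind: [] for kind in INDICATOR_PATTERNS}
    for s in strings:
        for kind, pattern in INDICATOR_PATTERNS.items():
            found[kind].extend(pattern.findall(s))
    return found


def analyze(data: bytes, min_len: int = 4) -> dict:
    """Static triage: hash, size, all strings, and classified indicators."""
    strings = ascii_strings(data, min_len) + utf16le_strings(data, min_len)
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "size": len(data),
        "strings": strings,
        "indicators": classify(strings),
    }


if __name__ == "__main__":
    report = analyze(SAMPLE)
    print("sha256:", report["sha256"], "size:", report["size"])
    for kind, values in report["indicators"].items():
        print(kind, values)
```

Run it against a real file by replacing SAMPLE with `open(path, "rb").read()`; the UTF-16LE pass matters on Windows binaries because a plain ASCII `strings` run misses wide-character paths and registry keys.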
Dynamic analysis is the process of analyzing the malware and how it functions by executing it. The purpose of this process is to see what the malware does and how it behaves.
Code analysis is the process of reverse engineering the malware; basically, this process is analyzing how the malware is written.
Behavioral analysis is the process of monitoring the malware after execution. The purpose of this process is to record every process, file, registry key and network endpoint that the malware modifies or communicates with. Examples: registry entries and network packets.
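As an added example that is not part of the slides, a Python triage script over a constructed, Procmon-style CSV log (the column names, process names, paths and addresses are made up for illustration). For one process it pulls out registry writes, flags those under well-known autostart keys, lists files the sample wrote, and collects network destinations with their results; the function names are this example's own.

```python
import csv
import io

# Constructed monitoring log in a Procmon-like CSV layout. Not real tool output.
LOG = """\
Time,Process Name,PID,Operation,Path,Result
10:00:01.001,sample.exe,4120,Process Start,C:\\Users\\lab\\sample.exe,SUCCESS
10:00:01.120,sample.exe,4120,CreateFile,C:\\Users\\Public\\svchost32.exe,SUCCESS
10:00:01.130,sample.exe,4120,WriteFile,C:\\Users\\Public\\svchost32.exe,SUCCESS
10:00:01.250,sample.exe,4120,RegSetValue,HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater,SUCCESS
10:00:01.300,sample.exe,4120,RegQueryValue,HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProductName,SUCCESS
10:00:02.010,sample.exe,4120,TCP Connect,lab-vm:49152 -> 203.0.113.10:443,SUCCESS
10:00:02.400,sample.exe,4120,TCP Connect,lab-vm:49153 -> 203.0.113.10:8080,CONNECTION REFUSED
10:00:03.000,explorer.exe,1234,RegQueryValue,HKCU\\Software\\Classes\\.txt,SUCCESS
"""

# Registry locations commonly used for persistence (autostart entries, services).
PERSISTENCE_KEYS = (
    "\\CurrentVersion\\Run\\",
    "\\CurrentVersion\\RunOnce\\",
    "\\CurrentControlSet\\Services\\",
)

REG_WRITE_OPS = {"RegSetValue", "RegCreateKey", "RegDeleteValue"}
# CreateFile is also used for opens; together with WriteFile it marks files touched.
FILE_WRITE_OPS = {"CreateFile", "WriteFile"}
NET_OPS = {"TCP Connect", "TCP Send", "UDP Send"}


def parse_log(text: str) -> list:
    """Parse the CSV log into a list of dict rows keyed by header name."""
    return list(csv.DictReader(io.StringIO(text)))


def behavior_summary(rows: list, process: str) -> dict:
    """Summarize what one process modified or talked to."""
    summary = {"registry_writes": [], "persistence": [], "files_written": [], "network": []}
    for row in rows:
        if row["Process Name"] != process:
            continue
        op, path = row["Operation"], row["Path"]
        if op in REG_WRITE_OPS:
            summary["registry_writes"].append(path)
            if any(key.lower() in path.lower() for key in PERSISTENCE_KEYS):
                summary["persistence"].append(path)
        elif op in FILE_WRITE_OPS:
            if path not in summary["files_written"]:
                summary["files_written"].append(path)
        elif op in NET_OPS:
            # Path looks like "src:port -> dst:port"; keep the destination side.
            dest = path.split("->")[-1].strip()
            summary["network"].append((dest, row["Result"]))
    return summary


def remote_hosts(summary: dict) -> list:
    """Distinct remote hosts (without port), sorted, for blocking or hunting."""
    return sorted({dest.rsplit(":", 1)[0] for dest, _ in summary["network"]})


if __name__ == "__main__":
    rows = parse_log(LOG)
    summary = behavior_summary(rows, "sample.exe")
    for section, items in summary.items():
        print(section)
        for item in items:
            print("   ", item)
    print("remote hosts:", remote_hosts(summary))
```

Filtering by process name is deliberately simple; on a real capture, follow the process tree (parent and child PIDs) as well, since a sample that drops and launches a second executable does most of its work under that new process name.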
WHAT'S NEXT?
• Set up a dedicated, isolated environment for analyzing malware
• Learn Windows internals and Linux internals, and how computers work in general
• Learn / understand programming, mostly Assembly and C/C++, and Java
• Understand network fundamentals
• Understand the operating system architecture
THANK YOU <3