Malware Analysis

Malware is intrusive software designed to damage or exploit computer systems, with various types including viruses, worms, and ransomware. Malware analysis involves detecting and understanding the behavior of suspicious files to mitigate threats, offering benefits such as identifying attack sources and assessing damage. There are two main types of analysis: dynamic, which runs malware in a controlled environment, and static, which examines the malware file directly using various tools.

MALWARE ANALYSIS

What is Malware?
• Malware is a kind of intrusive software that damages and destroys computer systems, servers, host systems, or networks.
• It is a catch-all term for all types of malicious software that is specifically intended to cause damage or exploit any programmable device, network, or service. Viruses, worms, adware, spyware, trojan viruses, and ransomware are various types of malware threats.
What is Malware Analysis?
• Malware analysis is the process of detecting and reducing potential threats in a website, application, or server.
• Malware analysis is the process of understanding the behavior and purpose of a suspicious file or URL. The output of the analysis aids in the detection and mitigation of the potential threat.
• It is a crucial process that ensures computer security as well as the safety and security of an organization with regard to sensitive information.
Key Benefits of Malware Analysis
• Identifying the source of the attack
• Determining the damage from a security threat
• Identifying a malware’s exploitation level, vulnerability, and appropriate patching preparations
Malware Analysis Types
• There are 2 types of malware analysis:
1. Dynamic malware analysis
2. Static malware analysis
Dynamic Malware Analysis
• In dynamic malware analysis, suspected malicious code is run in a safe environment called a sandbox.
• This isolated virtual machine is a closed system that allows security experts to observe the malware closely in action without the risk of system or network infection.
• This technique provides deeper visibility into the threat and its true nature.
Steps to do Analysis
• MD5 Analysis
Static Analysis
• Test malware file
– https://ipinfo.info/html/testvirus.php
– https://en.wikipedia.org/wiki/EICAR_test_file
• Refer to this file: D:\Documents\STEPS TO DO STATIC ANALYSIS.doc
Tools
• Hex Editor
– https://download.cnet.com/HxD-Hex-Editor/3000-2352_4-10891068.html
• PEiD
– https://softfamous.com/postdownload-file/peid/12446/4719/
Tools ……
• Stud PE
– https://www.softpedia.com/get/Programming/File-Editors/StudPE.shtml
• OllyDbg
– https://www.ollydbg.de/download.htm
• ImpRec
– https://forum.tuts4you.com/files/file/2367-import-reconstructor-imprec/
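Added example (not part of the original slides): a small static-triage script covering the "MD5 Analysis" step and the kind of header information a hex editor or PE viewer exposes, without executing the sample. The function names (entropy, pe_sections, triage) are chosen for this illustration, and SHA-256 is computed alongside MD5 as an addition.

```python
import hashlib
import math
import struct

# Standard 68-byte EICAR anti-virus test string (harmless), split in two for readability.
EICAR = (rb"X5O!P%@AP[4\PZX54(P^)7CC)7}$"
         rb"EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*")

def entropy(buf: bytes) -> float:
    """Shannon entropy in bits per byte; values near 8 suggest packed or encrypted data."""
    if not buf:
        return 0.0
    probs = [buf.count(bytes([b])) / len(buf) for b in set(buf)]
    return -sum(p * math.log2(p) for p in probs)

def pe_sections(data: bytes):
    """Return [(name, raw_size, entropy)] for a PE file, or None if the headers are not PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)   # offset of the "PE\0\0" signature
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    (nsec,) = struct.unpack_from("<H", data, e_lfanew + 6)       # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)  # SizeOfOptionalHeader
    table = e_lfanew + 24 + opt_size                             # start of the section table
    out = []
    for i in range(nsec):
        off = table + 40 * i
        if off + 40 > len(data):                                 # truncated section table
            break
        name = data[off:off + 8].rstrip(b"\0").decode("latin-1")
        raw_size, raw_ptr = struct.unpack_from("<II", data, off + 16)
        body = data[raw_ptr:raw_ptr + raw_size]
        out.append((name, raw_size, round(entropy(body), 2)))
    return out

def triage(data: bytes) -> dict:
    """Static triage of a sample's bytes; nothing is executed."""
    secs = pe_sections(data)
    if data.strip() == EICAR:
        kind = "EICAR test file"
    else:
        kind = "PE" if secs is not None else "unknown"
    return {"md5": hashlib.md5(data).hexdigest(),   # MD5 is collision-prone, hence SHA-256 too
            "sha256": hashlib.sha256(data).hexdigest(),
            "size": len(data), "type": kind, "sections": secs or []}

if __name__ == "__main__":
    print(triage(EICAR))
```

The hashes can be looked up in a reputation service or compared against known indicators; a section with entropy close to 8 is a common hint that a packer was used, which is what tools such as PEiD help identify.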
QUESTIONS?
APPENDIX
