Malware analysis¶

Notes on techniques for determining the functionality, origin and potential impact of a given malware sample such as a virus, worm, trojan horse, rootkit, or backdoor. Real understanding comes by analysing and reverse engineering the malware. Malware is often the foundation of an attack.

Understanding how a malware got past defences and what it was designed to do once inside an environment can expose behaviour and artefacts that can be used to give a proper response to it; to develop better defences against it; to understand how it varies from other malware; to find similar activity; …

Malware analysis

History of malware
Typical behaviours
Purpose of a malware attack
Malware signatures
Static and dynamic analysis
Packers

Malware analysis code @GitHub

Memory analysis
Virtual function reverse engineering tool
Analysing Anti-Reverse engineering tricks
PE/ELF header parser
Dynamic analysis for API monitoring

Last update: 2025-05-19 17:27