Windows Malware Analysis Essentials

By : Victor Marak

Summary


In this chapter, you started by configuring your Linux installation for network traffic analysis, after which you took a closer look at XOR-based obfuscation and related tools. You then analyzed a malicious web page and got a good look at the overall workflow and approach, using tools such as Malzilla and Firebug for script-based debugging and shellcode extraction, followed by conversion and analysis with simple, readily available tools such as a hex editor and a shellcode-2-exe converter. You learned about UCS-2 encoding and why NULL characters are eliminated from exploit code, which in this chapter was a download-and-execute type of exploit, also known as a drive-by download. You were quickly introduced to bytecode analysis tools and given a rapid-fire round on document analysis tools. Thereafter, you took a detailed look at Redline from Mandiant as a tool for malware memory forensics, along with its various options and features. You were also introduced to the OpenIOC standard...
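The shellcode extraction steps recapped above (UCS-2 escaped strings, NULL avoidance, and single-byte XOR obfuscation) can be reproduced without Malzilla or a hex editor. The following is an added example written for this summary, not code from the book or its author: it assumes the shellcode is embedded in the page as a JavaScript-style `%uXXXX` escaped string (the usual form in drive-by pages), converts it to the little-endian bytes it occupies in memory, strips a one-byte XOR layer, and checks the NULL constraint. The sample string and its key are constructed for illustration and are not taken from any real exploit.

```python
"""
Added example (not from the book): decode a %uXXXX (UCS-2) escaped shellcode
string to raw bytes, remove a single-byte XOR layer, and explain the NULL rule.
All sample data below is constructed for illustration.
"""
import re

# Constructed sample: the constructed "shellcode" b"calc.exe" XORed with key 0x2A,
# then written as UCS-2 code units the way a drive-by page would embed it.
# Each %uXXXX token is one 16-bit unit; the script engine stores it little-endian,
# so the unit 0x4B49 occupies the bytes 0x49 0x4B in memory.
SAMPLE_UNICODE_ESCAPED = "%u4B49%u4946%u4F04%u4F52"
SAMPLE_XOR_KEY = 0x2A

_U_ESCAPE = re.compile(r"%u([0-9a-fA-F]{4})")


def unescape_ucs2(escaped: str) -> bytes:
    """Return the byte sequence a %uXXXX string occupies once the engine stores it."""
    out = bytearray()
    for match in _U_ESCAPE.finditer(escaped):
        unit = int(match.group(1), 16)
        out += unit.to_bytes(2, "little")  # low byte first, as stored in memory
    return bytes(out)


def escape_ucs2(data: bytes) -> str:
    """Inverse of unescape_ucs2; pads an odd-length buffer with a NOP (0x90)."""
    if len(data) % 2:
        data += b"\x90"
    return "".join(
        "%%u%04X" % int.from_bytes(data[i:i + 2], "little")
        for i in range(0, len(data), 2)
    )


def contains_null(data: bytes) -> bool:
    """A 0x00 byte terminates C-style string copies, so it truncates the payload."""
    return b"\x00" in data


def xor_decode(data: bytes, key: int) -> bytes:
    """Single-byte XOR is its own inverse, so this both encodes and decodes."""
    return bytes(b ^ key for b in data)


def nullfree_keys(plaintext: bytes) -> list:
    """Keys that keep the XORed payload free of NULLs: b ^ k == 0 only when k == b."""
    used = set(plaintext)
    return [k for k in range(1, 256) if k not in used]


def xor_bruteforce(data: bytes, marker: bytes) -> list:
    """Recover candidate keys by looking for a known marker in each trial decode."""
    return [k for k in range(256) if marker in xor_decode(data, k)]


if __name__ == "__main__":
    raw = unescape_ucs2(SAMPLE_UNICODE_ESCAPED)
    print("raw bytes :", raw.hex())
    print("keys found:", [hex(k) for k in xor_bruteforce(raw, b".exe")])
    print("decoded   :", xor_decode(raw, SAMPLE_XOR_KEY))
    print("null-free :", not contains_null(raw))
```

Feeding the raw bytes from `unescape_ucs2` to a hex editor or a shellcode-2-exe converter gives the same artifact the chapter produced by hand; `xor_bruteforce` replaces guessing the key, and `nullfree_keys` shows why an exploit author picks a key that never equals a payload byte.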