Malware analysis, or malware reverse engineering, is a highly technical and specialized field in forensics. Anti-virus and threat intelligence organizations utilize a highly trained cadre of programmers and forensic personnel who acquire malware from the wild and then rip it open to determine what it does, how it does it, and who may be responsible for it. This is done using two types of analysis: static and dynamic. Like much of digital forensics, each type of analysis affords some advantages, and incident response analysts should be familiar with both.
Note
An excellent treatment of malware analysis conducted against actual malware found in the wild is Kim Zetter's book Countdown to Zero Day. Comprehensively researched, this book delves deep into the Stuxnet virus as various research teams attempt to understand what the malware is doing.
An excellent malware analysis methodology was created by Lenny Zeltser, a malware analysis professional who has an excellent array of resources...