Cuckoo Malware Analysis

More Information
Learn
  • Get started with automated malware analysis using Cuckoo Sandbox
  • Use Cuckoo Sandbox to analyze sample malware
  • Analyze output from Cuckoo Sandbox
  • Report results with Cuckoo Sandbox in standard form
  • Learn tips and tricks to get the most out of your malware analysis results
About

Cuckoo Sandbox is a leading open source automated malware analysis system. This means that you can throw any suspicious file at it and, in a matter of seconds, Cuckoo will provide you with some detailed results outlining what said file did when executed inside an isolated environment.

Cuckoo Malware Analysis is a hands-on guide that will provide you with everything you need to know to use Cuckoo Sandbox with added tools like Volatility, Yara, Cuckooforcanari, Cuckoomx, Radare, and Bokken, which will help you to learn malware analysis in an easier and more efficient way.

Cuckoo Malware Analysis will cover basic theories in sandboxing, automating malware analysis, and how to prepare a safe environment lab for malware analysis. You will get acquainted with Cuckoo Sandbox architecture and learn how to install Cuckoo Sandbox, troubleshoot the problems after installation, submit malware samples, and also analyze PDF files, URLs, and binary files. This book also covers memory forensics – using the memory dump feature, additional memory forensics using Volatility, viewing result analyses using the Cuckoo analysis package, and analyzing APT attacks using Cuckoo Sandbox, Volatility, and Yara.

Finally, you will also learn how to screen Cuckoo Sandbox against VM detection and how to automate the scanning of e-mail attachments with Cuckoo.

Features
  • Learn how to analyze malware in a straightforward way with minimum technical skills
  • Understand the risk of the rise of document-based malware
  • Enhance your malware analysis concepts through illustrations, tips and tricks, step-by-step instructions, and practical real-world scenarios
  • To download updated sample example click - http://www.cuckoosandboxbook.com/
Page Count 142
Course Length 4 hours 15 minutes
ISBN 9781782169239
Date Of Publication 15 Oct 2013

Authors

Digit Oktavianto

Digit Oktavianto is an IT security professional and system administrator with experience in the Linux server, network security, Security Information and Event Management (SIEM), vulnerability assesment, penetration testing, intrusion analysis, incident response and incident handling, security hardening, PCI-DSS, and system administration. He has good experience in Managed Security Services (MSS) projects, Security Operation Centre, operating and maintaining SIEM tools, configuring and setup of IDS/IPS, Firewall, Antivirus, Operating Systems, and Applications. He works as an information security analyst in Noosc Global, a security consultant firm based in Indonesia. Currently, he holds CEH and GIAC Incident Handler certifications. He is very enthusiastic and has a good passion in malware analysis as his main interest for research. This book is the first book that he has written, and he plans to write more about malware analysis and incident response books.

Iqbal Muhardianto

Iqbal Muhardianto is a security enthusiast and he is working in the Ministry of Foreign Affairs of the Republic of Indonesia. He loves breaking things apart just to know how it works. In his computer learning career, he first started with learning MS-DOS and some C programming, after being a System admin, Network Admin, and now he is a IT Security Administrator with some skills in Linux, Windows, Network, SIEM, Malware Analysis, and Pentesting. He currently lives Norway and works as an IT Staff in the Indonesia Embassy in Oslo.