Learning Malware Analysis

A practical guide to understanding the Tools, Techniques & Concepts for Analyzing and Investigating Malware.

Monnappa K A

This title is available to pre-order now and is expected to be published in

Book Details

ISBN 13: 9781788392501
Paperback: 345 pages

Book Description

Malware analysis and memory forensics are powerful analysis and investigation techniques used in reverse engineering, digital forensics, and incident response. With adversaries becoming more sophisticated and carrying out advanced malware attacks on critical infrastructure, data centers, and private and public organizations, detecting, responding to, and investigating such intrusions is critical for information security professionals. Malware analysis and memory forensics have become must-have skills for fighting advanced malware, targeted attacks, and security breaches.

This book teaches the concepts, techniques, and tools needed to understand the behavior and characteristics of malware through malware analysis, and it also teaches the techniques used to investigate and hunt malware using memory forensics.

This book introduces readers to the basics of malware analysis and Windows internals, then progresses gradually into more advanced concepts of code analysis and memory forensics. It uses real-world malware samples and infected memory images to help readers gain a better understanding of the subject, so that they are equipped with the skills required to analyze, investigate, and respond to malware-related incidents.

Table of Contents

Chapter 1: Introduction to Malware Analysis
1. What is malware?
2. What is malware analysis?
3. Why malware analysis?
4. Types of malware analysis
5. Setting up the lab environment
Summary
Chapter 2: Static Analysis
1. Determining the file type
2. Fingerprinting the malware
3. Multi anti-virus scanning
4. Extracting strings
5. Determining file obfuscation
6. Inspecting PE header information
7. Comparing and classifying the malware
Summary
Chapter 3: Dynamic Analysis
1. Lab environment overview
2. System and network monitoring
3. Dynamic analysis (monitoring) tools
4. Dynamic analysis steps
5. Putting it all together: Analyzing a malware executable
6. Dynamic-Link Library (DLL) Analysis
Summary
Chapter 4: Assembly Language and Disassembly Primer
1. Computer basics
2. CPU registers
3. Data transfer instructions
4. Arithmetic operations
5. Bitwise operations
6. Branching and conditionals
7. Loops
8. Functions
9. Arrays and strings
10. Structures
11. x64 architecture
12. Additional resources
Summary
Chapter 5: Disassembly Using IDA
1. Code Analysis Tools
2. Static code analysis (Disassembly) using IDA
3. Disassembling Windows API
4. Patching the Binary using IDA
5. IDA scripting and plug-ins
Summary
Chapter 6: Debugging Malicious Binary
1. General Debugger Concepts
2. Debugging binary using x64dbg
3. Debugging binary using IDA
4. Debugging .NET Application
Summary
Chapter 7: test_to delete-Debugging Using IDA and x64dbg
1. Launching and attaching to a process
2. Debugger interface
3. Controlling Process Execution
4. Interrupting Program with Breakpoints
5. Practical use of Debugging (32-bit and 64-bit binary)
6. Debugging Malicious DLL
7. Tracing the program execution
8. Patching the Binary
9. Debugger Scripting using IDAPython
10. Debugging .NET application
Summary
Chapter 8: Test Chapter
1. Computer basics
2. CPU registers
3. Data transfer instructions
4. Arithmetic operations
5. Bitwise operations
6. Branching and conditionals
7. Loops
8. Functions
9. Arrays and strings
10. Structures
11. x64 architecture
12. Additional resources
Summary

What You Will Learn

  • Create a safe and isolated lab environment for malware analysis
  • Tools, concepts, and techniques to perform malware analysis using static, dynamic, code, and memory analysis/forensics
  • Extracting the metadata associated with malware
  • Determining how malware interacts with the system
  • Reverse engineering and debugging using code analysis tools such as IDA Pro and x64dbg
  • Reverse engineering various malware functionalities
  • Reverse engineering and decoding common encoding/encryption algorithms
  • Techniques to investigate and hunt malware using memory forensics
  • Build a custom sandbox to automate malware analysis
