
It is very important to inspect the capabilities of malicious software, also called malware, in order to understand its effects and take the necessary steps to prevent them. However, an Information Technology (IT) team cannot simply test such effects on a real system, since that could result in a disaster for the entire system.

How the malware works, what it really does, and what effects it has are the main concerns of the IT team. Hence, a controlled environment is necessary to perform any required examination of a particular piece of malware. The following steps describe a free and essential toolkit for any IT security team. It equips teams to face a security incident on a Windows operating system, which is commonly prone to malware exploitation.

There are some available utilities, all free, that one can use to monitor the behavior of the infected system. Which one to use depends on the type of monitoring desired. One of the following tools must be installed on the test machine before infecting it with the malware.

The previous tools can analyze behavior, but they do not address the problem at its root. Analyzing the malicious code itself can lead to more interesting results. Although it is difficult to access the source code of a malicious executable file, there are some tools that can assist in this process.

Scylla and OllyDumpEx: These tools are helpful when dealing with packed executables, which cannot be disassembled directly. The instructions of such executables are often encoded and encrypted, and are only extracted into RAM when running. The tools create a dump file containing the protected code.
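Because encoded or encrypted instructions look close to random on disk, a quick way to decide whether a sample needs dumping at all is to measure the entropy of each PE section. The Python sketch below is an added example, not part of the original article; the bytes returned by `build_sample` are constructed for the demonstration, and the 7.0 bits-per-byte threshold is an assumed heuristic.

```python
import hashlib
import math
import struct
from collections import Counter

SECTION = "<8sIIIIIIHHI"   # 40-byte PE section header
EXEC_READ = 0x60000000     # IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def scan_sections(pe: bytes, threshold: float = 7.0):
    """Return (name, entropy, likely_packed) for each section of a PE image."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", pe, 0x3C)        # e_lfanew
    if pe[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (count,) = struct.unpack_from("<H", pe, pe_off + 6)     # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", pe, pe_off + 20)  # SizeOfOptionalHeader
    table = pe_off + 24 + opt_size
    results = []
    for i in range(count):
        fields = struct.unpack_from(SECTION, pe, table + 40 * i)
        name, raw_size, raw_ptr = fields[0], fields[3], fields[4]
        h = entropy(pe[raw_ptr:raw_ptr + raw_size])
        results.append((name.rstrip(b"\0").decode("ascii", "replace"), h, h >= threshold))
    return results

def build_sample() -> bytes:
    """Constructed two-section PE skeleton (not a real program) for the demo."""
    plain = b"\x55\x8b\xec\x90" * 1024                     # repetitive, code-like bytes
    blob = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))  # random-looking
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x102)
    data = len(dos) + len(coff) + 2 * 40                     # raw data follows the section table
    s1 = struct.pack(SECTION, b".text", 4096, 0x1000, 4096, data, 0, 0, 0, 0, EXEC_READ)
    s2 = struct.pack(SECTION, b".packed", 4096, 0x2000, 4096, data + 4096, 0, 0, 0, 0, EXEC_READ)
    return dos + coff + s1 + s2 + plain + blob

if __name__ == "__main__":
    for name, h, flagged in scan_sections(build_sample()):
        print(f"{name:<8} entropy={h:.2f} {'likely packed' if flagged else 'ok'}")
```

High entropy is only a hint: compressed resources and embedded archives also score high, so a flagged section still needs confirmation in a debugger.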

How to Build a free Malware Analysis Toolkit?

Malware Analysis

Coming Soon

 


  • Price: $100.00

5 COMMENTS

  1. The PowerShell course shows 3 hour classes from Sep 4-7th, and then on Saturday for 45 minutes. Is the malware class set up the same? Will they overlap? What will be studied on the Saturday in the 45 minute block?

      • Thanks! If they are set up the same, is the malware course at the same time (7pm-10pm Sep 4-7) as the PowerShell course? I was planning to sign up for both…but it wouldn’t make sense to sign up for both if they are held at the same time? Thanks!
