Ops 401: Class 32
Nicholas Loiacono edited this page Jun 1, 2023
This topic matters as it relates to what I'm studying in this module because we are learning how malware works, its potential damage, and its origin. Malware Analysis includes studying harmful software or malware.
As a Malware Analyst, my job is to study harmful software or "malware." My goal is to understand how these harmful programs work and what damage they can cause. I look into the specific characteristics of malware, how it functions, where it originated, and its potential impact. This is done by dissecting the malware, studying its code, and observing its behavior. The knowledge I gain helps businesses and organizations prevent or reduce the damage caused by such harmful software.
- Capture the malware
- Build a malware lab
- Install your tools
- Record the baseline
- Commence your investigation
- Document the results
A simple mnemonic to remember these steps could be "CBIRCD" - Capture, Build, Install, Record, Commence, Document.
When analyzing a new malware sample, I would first conduct static malware analysis. This is the initial step in understanding the malware by examining its unchanging properties like metadata, headers, and embedded assets. It is less risky because we don't have to execute the malware, which could cause damage. This first step can provide us with some initial insights about the malware's nature and its potential threat level.
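One way to carry out the static step described above, shown here as an added example that is not part of this page or the Spiceworks article: a small Python script that records the sample's hashes, reads the fixed DOS and COFF file-header fields with `struct`, and pulls printable strings, all without executing anything. The sample bytes, the `example.invalid` URL and the API name embedded in them are constructed for the demo; the blob is a header stub, not a real executable.

```python
"""Static triage of a PE-style sample without executing it.

Added example (not the page's or Spiceworks' code). The sample bytes below are
constructed for the demo: a minimal DOS + PE header stub followed by a few
embedded strings, not a real executable, so nothing here can run.
"""
import hashlib
import re
import struct
from datetime import datetime, timezone

MACHINE_NAMES = {0x014C: "x86", 0x8664: "x86-64", 0xAA64: "ARM64"}


def build_sample() -> bytes:
    """Constructed sample: 64-byte DOS header whose e_lfanew points at a
    PE signature and IMAGE_FILE_HEADER, then a few embedded strings."""
    e_lfanew = 0x40
    dos_header = b"MZ" + b"\x00" * 58 + struct.pack("<I", e_lfanew)
    # IMAGE_FILE_HEADER: Machine, NumberOfSections, TimeDateStamp,
    # PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    file_header = struct.pack("<HHIIIHH", 0x8664, 2, 1685577600, 0, 0, 0, 0x0022)
    strings_blob = (b"\x00" * 16
                    + b"http://example.invalid/update\x00"   # constructed URL
                    + b"CreateRemoteThread\x00"              # constructed API name
                    + b"ab\x00")                             # too short to report
    return dos_header + b"PE\x00\x00" + file_header + strings_blob


def file_hashes(data: bytes) -> dict:
    """Hashes come first: they identify the sample and let you check
    threat-intel sources before spending time on anything else."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256")}


def parse_pe_header(data: bytes) -> dict:
    """Read the fixed-layout DOS and COFF file headers using struct only."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image: missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("PE signature not found at e_lfanew")
    machine, n_sections, timestamp, _, _, opt_size, flags = struct.unpack_from(
        "<HHIIIHH", data, e_lfanew + 4)
    return {
        "machine": MACHINE_NAMES.get(machine, hex(machine)),
        "number_of_sections": n_sections,
        # The compile timestamp is a useful clue but trivially forgeable,
        # so record it as a hint rather than as evidence.
        "compile_time_utc": datetime.fromtimestamp(timestamp, tz=timezone.utc)
                                    .strftime("%Y-%m-%d %H:%M:%S"),
        "size_of_optional_header": opt_size,
        "is_executable_image": bool(flags & 0x0002),
        "is_dll": bool(flags & 0x2000),
    }


def extract_strings(data: bytes, min_len: int = 6) -> list:
    """Printable ASCII runs of at least min_len bytes: the classic 'strings'
    pass that surfaces URLs, file paths and imported API names."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, data)]


def static_triage(data: bytes) -> dict:
    """Combine the three passes into one report to paste into the write-up."""
    return {
        "hashes": file_hashes(data),
        "header": parse_pe_header(data),
        "strings": extract_strings(data),
    }


if __name__ == "__main__":
    import json
    print(json.dumps(static_triage(build_sample()), indent=2))
```

Running the script prints the report for the constructed sample; pointing `static_triage` at the bytes of a real file is the same call. The header parser deliberately stops at the COFF file header, which is enough to confirm the file type, architecture and claimed build time before any heavier tooling is brought in.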
Things I want to know more about are advanced analysis techniques like dynamic analysis and reverse engineering, malware evasion techniques, malware families and campaigns, threat intelligence sharing, automation in malware analysis, and legal and ethical considerations.
BasuMallick, C. (2021, August 19). What Is Malware Analysis? Definition, Types, Stages, and Best Practices. Spiceworks.