Inspecting Static Malware


The previous two chapters gave you an overview of the Portable Executable (PE) file and the proper way of handling unknown files and those that are found to be malicious. They introduced concepts that you need to understand and apply before you begin malware analysis. Now that you understand these concepts and are more aware of the dangers and pitfalls you might face if you do not follow them, you are ready to analyze malware.

In this chapter, I will discuss how to inspect static malware, a process also known as static malware analysis or simply static analysis. I will go through the step-by-step process of analyzing static malware and the tools needed to accomplish ...
