A good place to begin a static analysis is with Pestudio. Chapter 7, Analysing System Memory, introduced this application when examining suspected malicious software obtained through the analysis of a memory image. In this case, an actual piece of malware will be analysed using Pestudio. This tool allows analysts to focus on specific attributes of the malware for further analysis.

In this scenario, a live piece of malware will be examined. The malware sample is a Loki Bot Malspam trojan. This sample was taken from Ensure that the proper pre-configuration is done, as any anti-virus program will quarantine the malware, making any analysis impossible. Once downloaded into ...
