Chapter 1: Creating and Maintaining your Detonation Environment

Malware can be slippery, difficult to dissect, and prone to escapism. As malware analysts, however, we frequently find ourselves in a position where it's necessary to be able to both examine the binaries and samples we come across, as well as actively run the samples and observe their behavior in a semi-live environment. Observing how the malware behaves within a real-world OS informs us as analysts how to better defend and remediate infections of the same kind we come across.

Such needs present several challenges:

How do we execute and study malicious code while ensuring our real environments remain safe and we do not assist the malware authors in propagating their code?
What ...

Get Malware Analysis Techniques now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Malware Analysis Techniques by Dylan Barker

Chapter 1: Creating and Maintaining your Detonation Environment

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly