Chapter 6

Analysis of a Malware Specimen

Solutions in this Chapter

• Goals

• Guidelines for Examining a Malicious File Specimen

• Establishing the Environment Baseline

• Pre-execution Preparation: System and Network Monitoring

• Execution Artifact Capture: Digital Impression and Trace Evidence

• Executing the Malicious Code Specimen

• Execution Trajectory Analysis: Observing Network, Process, System Calls, and File System Activity

• Automated Malware Analysis Frameworks

• Embedded Artifact Extraction Revisited

• Interacting with and Manipulating the Malware Specimen: Exploring and Verifying Specimen Functionality and Purpose

• Event Reconstruction and Artifact Review: Post-run Data Analysis

• Digital Virology: Advanced Profiling through Malware ...

Get Malware Forensics Field Guide for Linux Systems now with O’Reilly online learning.
