Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Learning Malware Analysis

You're reading from   Learning Malware Analysis Explore the concepts, tools, and techniques to analyze and investigate Windows malware

Arrow left icon
Product type Paperback
Published in Jun 2018
Publisher
ISBN-13 9781788392501
Length 510 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Monnappa K A Monnappa K A
Author Profile Icon Monnappa K A
Monnappa K A
Arrow right icon
View More author details
Toc

Table of Contents (13) Chapters Close

Preface 1. Introduction to Malware Analysis FREE CHAPTER 2. Static Analysis 3. Dynamic Analysis 4. Assembly Language and Disassembly Primer 5. Disassembly Using IDA 6. Debugging Malicious Binaries 7. Malware Functionalities and Persistence 8. Code Injection and Hooking 9. Malware Obfuscation Techniques 10. Hunting Malware Using Memory Forensics 11. Detecting Advanced Malware Using Memory Forensics 12. Other Books You May Enjoy

To get the most out of this book

Knowledge of programming languages such as C and Python would be helpful (especially to understand the concepts covered in chapters 5, 6, 7, 8, and 9). If you have written a few lines of code and have a basic understanding of programming concepts, you’ll be able to get the most out of this book.

If you have no programming knowledge, you will still be able to get the basic malware analysis concepts covered in chapters 1, 2, and 3. However, you may find it slightly difficult to understand the concepts covered in the rest of the chapters. To get you to speed, sufficient information and additional resources are provided in each chapter. You may need to do some additional reading to fully understand the concepts.

Download the color images

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: used for code examples, folder names, filenames, registry key and values, file extensions, pathnames, dummy URLs, user input, function names, and Twitter handles. Here is an example: "Mount the downloaded WebStorm-10*.dmg disk image file as another disk in your system."

Any command-line input is highlighted in bold, and the example is as follows:

$ sudo inetsim
INetSim 1.2.6 (2016-08-29) by Matthias Eckert & Thomas Hungenberg
Using log directory: /var/log/inetsim/
Using data directory: /var/lib/inetsim/

When we wish to draw your attention to a particular part of code or output, the relevant lines or items are set in bold:

$ python vol.py -f tdl3.vmem --profile=WinXPSP3x86 ldrmodules -p 880
Volatility Foundation Volatility Framework 2.6
Pid Process Base InLoad InInit InMem MappedPath
--- ----------- -------- ----- ------- ----- ----------------------------
880 svchost.exe 0x10000000 False False False \WINDOWS\system32\TDSSoiqh.dll
880 svchost.exe 0x01000000 True False True \WINDOWS\system32\svchost.exe
880 svchost.exe 0x76d30000 True True True \WINDOWS\system32\wmi.dll
880 svchost.exe 0x76f60000 True True True \WINDOWS\system32\wldap32.dll

Italics:  Used for a new term, an important word, or words, malware name, and keyboard combinations. Here is an example: press Ctrl + C to copy

Screen Text: Words in menus or dialog boxes appear in the text like this. Here is an example: Select System info from the Administration panel.

Warnings or important notes appear like this.
Tips and tricks appear like this.
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image