The tools for analysing malware range from simple hex editors and Interactive Disassemblers to GUI based tools that integrate online searching and analysis. Each incident will often dictate the specific tools or techniques utilized. A possible infection through a social engineering email that is in the process of infecting network systems may require analysts to work rapidly to identify the malware's behaviour and craft a solution to remove it.In other circumstances, a security control may have identified a file that it deems suspicious.With no active incident at hand, the incident response analysts may want to completely rip apart the code to determine if it had a specific purpose. In either case, the following tools are useful in assisting in the process but, by no means, it is the list all inclusive.
Analyzing malware
There are several sites that provide sample malware...