You're reading from Mastering Malware Analysis A malware analyst's practical guide to combating malicious software, APT, cybercrime, and IoT attacks

Product type Paperback

Published in Sep 2022

Publisher Packt

ISBN-13 9781803240244

Length 572 pages

Edition 2nd Edition

Concepts

Malware Analysis

Authors (2):

Amr Thabet

Alexey Kleymenov

View More author details

Table of Contents (20) Chapters

Preface

1. Part 1 Fundamental Theory

2. Chapter 1: Cybercrime, APT Attacks, and Research Strategies FREE CHAPTER

3. Chapter 2: A Crash Course in Assembly and Programming Basics

4. Part 2 Diving Deep into Windows Malware

5. Chapter 3: Basic Static and Dynamic Analysis for x86/x64

6. Chapter 4: Unpacking, Decryption, and Deobfuscation

7. Chapter 5: Inspecting Process Injection and API Hooking

8. Chapter 6: Bypassing Anti-Reverse Engineering Techniques

9. Chapter 7: Understanding Kernel-Mode Rootkits

10. Part 3 Examining Cross-Platform and Bytecode-Based Malware

11. Chapter 8: Handling Exploits and Shellcode

12. Chapter 9: Reversing Bytecode Languages – .NET, Java, and More

13. Chapter 10: Scripts and Macros – Reversing, Deobfuscation, and Debugging

14. Part 4 Looking into IoT and Other Platforms

15. Chapter 11: Dissecting Linux and IoT Malware

16. Chapter 12: Introduction to macOS and iOS Threats

17. Chapter 13: Analyzing Android Malware Samples

18. Index

Why subscribe?

19. Other Books You May Enjoy

Packt is searching for authors like you

Becoming familiar with x86 (IA-32 and x64)

Intel x86 (including both 32 and 64-bit versions) is the most common architecture used in PCs. It powers various types of workstations and servers, so it comes as no surprise that most of the malware samples we have at the moment support it. The 32-bit version of it, IA-32, is also commonly referred to as i386 (succeeded by i686) or even simply x86, while the 64-bit version, x64, is also known as x86-64 or AMD64. x86 is a CISC architecture, and it includes multiple complex instructions in addition to simple ones. In this section, we will introduce the most common of them and cover how the functions are organized.

Registers

The following table shows the relationship between the registers in the IA-32 and x64 architectures:

Figure 2.5 – IA-32 and x64 architectures

The registers that are used in the x86 architectures (the 8 to r15 registers) are only available in x64, not IA-32, and the spl, bpl, sil, and...

The rest of the chapter is locked

You're reading from Mastering Malware Analysis A malware analyst's practical guide to combating malicious software, APT, cybercrime, and IoT attacks

Table of Contents (20) Chapters

Becoming familiar with x86 (IA-32 and x64)

Registers

Unlock this book and the full library FREE for 7 days

Authors (2)

Personalised recommendations for you