Reverse engineering theory
Theory scares IT professionals for some reason. This is not truly warranted, as theory is the underlying bedrock of all of your troubleshooting. It may be the axioms you have learned through your X years of hard-knocks trial and error. In the land of qualitative research, this is literally called the Grounded Theory Research Method. The base theory for reverse engineering is that the interior behavior of the application can be inferred from its outputs. When you are faced with a piece of malware, you are going to start making working hypotheses from a mixture of the following:
Prior knowledge from recalled interactions with malware perceived as similar
Generalizing perceived outcomes of interactions with the malware under test
Hacker Tip
It is probably not useful to label an application in an a priori manner. Applying the "if it walks like a duck and quacks like a duck, it is probably a duck" axiom to the application may mask data. Especially with malware, it is likely that...