Preface

• Who this book is for
• What this book covers
• To get the most out of this book
• Download the example code files
• Conventions used
• Get in touch
• Share Your Thoughts

1. Part 1: Malware Behavior: Injection, Persistence, and Privilege Escalation Techniques FREE CHAPTER

2. Chapter 1: A Quick Introduction to Malware Development

• Technical requirements
• What is malware development?
• Unpacking malware functionality and behavior
• Leveraging Windows internals for malware development
• Exploring PE-file (EXE and DLL)
• The art of deceiving a victim’s systems
• Summary

3. Chapter 2: Exploring Various Malware Injection Attacks

• Technical requirements
• Traditional injection approaches – code and DLL
• Exploring hijacking techniques
• Understanding APC injection
• Mastering API hooking techniques
• Summary

4. Chapter 3: Mastering Malware Persistence Mechanisms

• Technical requirements
• Classic path: registry Run Keys
• Leveraging registry keys utilized by Winlogon process
• Implementing DLL search order hijacking for persistence
• Exploiting Windows services for persistence
• Hunting for persistence: exploring non-trivial loopholes
• How to find new persistence tricks
• Summary

5. Chapter 4: Mastering Privilege Escalation on Compromised Systems

• Technical requirements
• Manipulating access tokens
• Password stealing
• Leveraging DLL search order hijacking and supply chain attacks
• Circumventing UAC
• Summary

6. Part 2: Evasion Techniques

7. Chapter 5: Anti-Debugging Tricks

• Technical requirements
• Detecting debugger presence
• Spotting breakpoints
• Identifying flags and artifacts
• Summary

8. Chapter 6: Navigating Anti-Virtual Machine Strategies

• Technical requirements
• Filesystem detection techniques
• Approaches to hardware detection
• Time-based sandbox evasion techniques
• Identifying VMs through the registry
• Summary

9. Chapter 7: Strategies for Anti-Disassembly

• Popular anti-disassembly techniques
• Exploring the function control problem and its benefits
• Obfuscation of the API and assembly code
• Crashing malware analysis tools
• Summary

10. Chapter 8: Navigating the Antivirus Labyrinth – a Game of Cat and Mouse

• Technical requirements
• Understanding the mechanics of antivirus engines
• Evasion static detection
• Evasion dynamic analysis
• Circumventing the Antimalware Scan Interface (AMSI)
• Advanced evasion techniques
• Summary

11. Part 3: Math and Cryptography in Malware

12. Chapter 9: Exploring Hash Algorithms

• Technical requirements
• Understanding the role of hash algorithms in malware
• A deep dive into common hash algorithms
• Practical use of hash algorithms in malware
• Summary

13. Chapter 10: Simple Ciphers

• Technical requirements
• Introduction to simple ciphers
• Decrypting malware – a practical implementation of simple ciphers
• The power of the Base64 algorithm
• Summary

14. Chapter 11: Unveiling Common Cryptography in Malware

• Technical requirements
• Overview of common cryptographic techniques in malware
• Cryptography for secure communication
• Payload protection – cryptography for obfuscation
• Summary

15. Chapter 12: Advanced Math Algorithms and Custom Encoding

• Technical requirements
• Exploring advanced math algorithms in malware
• The use of prime numbers and modular arithmetic in malware
• Implementing custom encoding techniques
• Elliptic curve cryptography (ECC) and malware
• Summary

16. Part 4: Real-World Malware Examples

17. Chapter 13: Classic Malware Examples

• Historical overview of classic malware
• Analysis of the techniques used by classic malware
• Evolution and impact of classic malware
• Lessons learned from classic malware
• Summary

18. Chapter 14: APT and Cybercrime

• Introduction to APTs
• Characteristics of APTs
• Infamous examples of APTs
• TTPs used by APTs
• Summary

19. Chapter 15: Malware Source Code Leaks

• Understanding malware source code leaks
• The impact of source code leaks on the malware development landscape
• Significant examples of malware source code leaks
• Summary

20. Chapter 16: Ransomware and Modern Threats

• Introduction to ransomware and modern threats
• Analysis of ransomware techniques
• Case studies of notorious ransomware and modern threats
• Mitigation and recovery strategies
• Summary

21. Index

• Why subscribe?

22. Other Books You May Enjoy

• Packt is searching for authors like you
• Share Your Thoughts
• Download a free PDF copy of this book