+1 to 'Malware Analyst's Cookbook and DVD: Tools and Techniques for
Fighting Malicious Code' and 'Practical Malware Analysis: The Hands-On
Guide to Dissecting Malicious Software'
Some good blogs/sites to help you get started:
SecurityTube
http://reddit.com/r/ReverseEngineering
http://blog.zeltser.com/
https://www.corelan.be/
http://0xdabbad00.com/
http://contagiodump.blogspot.com/
http://forum.tuts4you.com/
https://www.mandiant.com/blog/
Tools you'll need:
- VMware or VirtualBox
For Static analysis
HashCalc, TrID-File Identifier, PEview, PEiD, BinText, Dependency
Walker, Heap Inspector, Unix Strings, IDA, OllyDbg
For Dynamic analysis
RegShot, InCtrl5, RegMon, ProcMon, FileMon, NetCat, BinText, LordPE,
Wireshark, FakeDNS, FakeNet, Multipot, APIMonitor, SysAnalyzer,
MCaptureBAT, Memoryze, HBGary Fast Dump, Volatility
Automated Malware Analysis
Cuckoo Sandbox (if you still have the energy and want to impress your
colleagues and upper mgmt, integrate it with Maltego via CuckooForCanari)
Good luck,
Mike Y
P.S. I know some of the tools are a little dated; I just copied/pasted
from a doc I put together a while back.
On 4/25/13 6:43 AM, Jason Long wrote:
Hello Folks.
Can you offer me some information about Malware analysis? How can I do
it? Can you show me a book in this field?
Cheers.
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com