A Quick Intro to Malware Analysis

Dolyetyus

International Team Leader
21 Apr 2020
Welcome, TurkHackTeam members. In this article I will briefly cover malware analysis.

Malicious software (malware) is any program or file intended to cause harm to a system and thereby its user. There are different types of malware, be it viruses, worms, Trojan horses, ransomware, or spyware.



Malware can be used to carry out various functions such as stealing data, encrypting files, deleting data, altering files, or even adding infected systems to one huge botnet and monitoring them without the users knowing their devices are infected. Generally, malware is written by hackers and cybercriminals.

Some Techniques Used in Malware Analysis


In general, there are two different types of malware analysis techniques: Static Analysis and Dynamic Analysis.

Static Analysis is the collection of all the examinations of the malware in which we do not actually execute it, but try to find out what it is trying to do.

Dynamic Analysis is carried out when we actually execute the malware (in a sandboxed environment) and try to figure out its functionality. Well, this one is my favorite.

There are also some other ways to analyse malware.

[Figure: Pros and Cons of Malware Analysis Methods]


Basic Static Analysis

Basic Dynamic Analysis

Advanced Static Analysis

Advanced Dynamic Analysis


You can understand what they mean by their names. Not too complicated.


Additionally, malware analysis has important rules that we definitely need to keep in mind while examining programs, both to improve our productivity and to avoid falling prey to the attacker's trap. Otherwise, serious harm could be done to our computers.



Rule 1:

Do not get too caught up in the details. Most malware programs are too large and complex to understand in every detail.
Instead, focus on the key features.

Rule 2:

Keep in mind that different tools and different approaches are available for different jobs, according to the requirements.
There is no single approach. Every situation is different.

If we don’t get lucky with one tool, we’ll try another.

Try to analyze the malware from a different angle.

Rule 3:

Remember that analyzing malware is like playing a cat-and-mouse game.

As new malware analysis techniques are developed, malware authors come up with new techniques to prevent analysis.



Well, now you know a little bit more about malware and its analysis. I hope you enjoyed it, and thanks for reading. Have a nice day.
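
As an added illustration of the basic static analysis described in the post (this code is not part of the original post), the following Python example triages a file without executing it: SHA-256 hash, PE header fields, printable strings, and byte entropy. The sample buffer, the URL in it, and all function names are constructed for the illustration.

```python
import hashlib
import math
import re
import struct
from collections import Counter

def build_sample() -> bytes:
    """Constructed, inert byte buffer with a minimal PE-style header (not a real program)."""
    dos = b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x40)   # e_lfanew lives at offset 0x3C
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0x5E9E0000, 0, 0, 0xE0, 0x0102)
    body = b"\x00" * 16 + b"http://example.invalid/update\x00" + b"kernel32.dll\x00"
    return dos + b"PE\x00\x00" + coff + body

def pe_header(data: bytes):
    """Return selected COFF header fields, or None if the buffer is not a PE file."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00" or len(data) < e_lfanew + 24:
        return None
    machine, nsections, timestamp = struct.unpack_from("<HHI", data, e_lfanew + 4)
    return {"machine": machine, "sections": nsections, "timestamp": timestamp}

def strings(data: bytes, min_len: int = 6):
    """Printable ASCII runs of at least min_len bytes, like the `strings` utility."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, data)]

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; values near 8 suggest packing or encryption."""
    counts = Counter(data)
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts.values())

def triage(data: bytes) -> dict:
    """Collect the static indicators above into one report; nothing is executed."""
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "pe": pe_header(data),
        "strings": strings(data),
        "entropy": round(entropy(data), 2),
    }

if __name__ == "__main__":
    for key, value in triage(build_sample()).items():
        print(f"{key}: {value}")
```
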
 