Practical Malware Analysis

Malware analysis is big business. Not only is it a lucrative, rapidly-growing field, but attacks can cost a company dearly. As a security professional, you have to prepare for the worst. When malware breaches your defenses or a client drops a freshly minted piece of malware into your Inbox, you need to be able to understand that malware infiltrator as completely as possible and to act quickly and competently to cure any infections.

For those who want to stay ahead of the latest malware, Practical Malware Analysis will teach you how to use the tools and techniques that professional malware analysts use to dissect malicious software. With this book as your guide, you'll learn how to safely analyze, debug, and disassemble malware to put yourself in the driver's seat; not the malware author.

You'll learn how to:

• Set up a safe malware laboratory
• Develop network signatures and host-based indicators
• Use key analysis tools like IDA Pro, OllyDbg, WinDbg, and Procmon
• Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques
• Use your new-found knowledge of Windows internals for malware analysis
• Unpack malware and use five of the most popular packers
• Analyze special cases of malware with shellcode, C++, and 64-bit code

Hands-on labs at the end of each chapter challenge you to practice and synthesize your skills as you dissect real malware samples. And pages of detailed analysis of the dissections offer an over-the-shoulder look at how the pros do it. You'll learn how to crack open malware to see how it really works, how it's trying to outsmart you, and how to gauge its dangers.

Malware analysis is a cat and mouse game with rules that are constantly changing. Whether you're tasked with fighting malware on one or a thousand networks or you're making a business of malware analysis, you'll find what you need to succeed in Practical Malware Analysis.