I’m a detection engineer learning malware analysis. Writeups, detection rules, and notes from the journey.
Chapter 1
Chapter 1 within Practical Malware Analysis focuses on basic malware static analysis techniques. Some of the techniques that are covered within this chapter include hashing, antivirus scanning, reviewing strings within the binary, detecting if the program is packed or not, reviewing imports/exports, and examining the various fields within the PE header. I will provide short answers to each question at the beginning and then walk through my methodology and go into more detail. ...