Practical Malware Analysis Chapter 1 Lab Attempt

preview_player
Показать описание
Notice: One of my first videos here, the audio isn't perfect, sorry! The video is a bit long for most people's taste at about 40 minutes but I find setting the speed at 1.5X really helps.

Hello, I'm Andy. I'm reading Practical Malware Analysis:
The Hands-On Guide to Dissecting Malicious Software, by
Michael Sikorski and Andrew Honig. Thanks for the great
book! I'm recording my work on the labs. I am not affiliated with the authors.

The book recommends we create a virtual machine with Windows
XP for performing the labs. Installing VMWare Player and
installing an operating system in it are generally very easy
and there are plenty of tutorials online for it if you get
stuck.

I downloaded about 25 tools which were listed throughout the
book. Appendix B has a lot more tools you can choose from,
and there's even more not listed. I even created a blog page with links to these tools (as many as I could find in the book):

Chapter One concerns basic static analysis: Scanning the
suspected malware files for hints to the purpose.

For Chapter 1, I use these tools:
PeID: Shows file packing and other useful information.
Strings: A sysinternals program that shows strings in
programs.
Ida Pro Free: Shows strings.
PEView: Shows useful summary information about the portable
executable, including compile time and imports.
Dependency Walker: Shows imports.
Resource Hacker: Allows viewing objects in the resource
section of the portable executable, and lets you extract
data from it.
  1. Andy Marks
Рекомендации по теме
Practical Malware Analysis 0:38:30

Practical Malware Analysis Chapter 1 Lab Attempt

Practical Malware Analysis 0:14:30

Practical Malware Analysis Walkthrough - Chapter 1 Labs

Malware Analysis - 0:30:33

Malware Analysis - Chapter 01 - Basic Static Analysis

Malware Analysis - 0:05:34

Malware Analysis - Chapter 01 - Labs - 01-02

Malware Analysis - 0:17:57

Malware Analysis - Chapter 00 - Malware Analysis Primer

Malware Analysis - 0:06:18

Malware Analysis - Chapter 01 - Labs - 01-04

Foundational Malware Analysis: 4:12:11

Foundational Malware Analysis: Chapter 1 - The Setup

Intro to Malware 0:14:31

Intro to Malware Analysis - Lab 1-1

The Alien Book 0:00:49

The Alien Book on Malware Analysis #reverseengineering #infosec

Practical Malware Analysis 0:17:12

Practical Malware Analysis | Information Warfare

Practical Malware Analysis 0:21:27

Practical Malware Analysis - Static Analysis

Practical Malware Analysis 1:53:44

Practical Malware Analysis with Sam Bowne

Chapter 1---Part #1 0:36:39

Chapter 1---Part #1

Lab21-01 from Practical 0:04:58

Lab21-01 from Practical Malware Analysis or how reverse shell actually works

Lab18 from Practical 0:18:04

Lab18 from Practical Malware Analysis or how to unpack malware

Malware Analysis - 0:06:47

Malware Analysis - Chapter 01 - Labs - 01-01

Practical Malware Analysis 0:27:34

Practical Malware Analysis Labs | Lab01

Dynamic Analysis Techniques 0:19:55

Dynamic Analysis Techniques - Lab 3-1 Intro to Malware Analysis

Practical Malware Analysis 1:33:13

Practical Malware Analysis

Intro to Practical 0:06:52

Intro to Practical Malware Analysis

CNIT 126: 0: 1:34:27

CNIT 126: 0: Malware Analysis Primer & 1: Basic Static Techniques

Practical Static Malware 0:17:12

Practical Static Malware Analysis | Part One | TryHackMe MalBuster

Malware Analysis - 0:03:36

Malware Analysis - Chapter 01 - Labs - 01-03

Recognizing C Code 0:07:30

Recognizing C Code Constructs in Assembly - Lab 6-1 Intro to Malware Analysis

Комментарии
Автор

Tanks, for this tutorial post. Cheers MATE !!

mrbreez
Автор

are you going to finish the other labs --- for a complete series ? oh you did -- I just checked your channel --- I went through them and I think you stopped at 12... GREAT -- OUTSTANDING --- THANKS FOR DOING THIS !!!!

jjjww
Автор

htons is the computer translation for computer to network intergers for big-endian and little endian - which is something that might give a hacker a hint on buffer overflows - is how I think about it - but boils down to the network byte order

jjjww
Автор

Outstanding tutorial it helped a lot thanks!

jairmartinez
Автор

I can find only one lab file, where are the remaining lab files

ANUDEEPREDDY-hcme
Автор

Thanks for this tutorial I was very useful

RonnyVasquez
Автор

Brilliant tutorial. What is the name of the soundtrack you had on at the beginning??

jefferiesa
Автор

There are some labs are missing please upload those thanks

flicker
Автор

can someone provide me the links for lab files

GameGlitch
Автор

Where we can get lab exe and dll files.

rupaliwaghmare
Автор

Why...?? I cannot analyze any exe in lab1!! Which says they are not valid pe file!! whatever dependency walker or peid not a single one of them work!!! Already tested under xp environment...What happened??? Do we have to deal with the binary files after downloading from lab site?

aglaiawong
Автор

im attempting to download the lab files for this course but the zip given only contains one .exe file and when i run it my antivirus kicks in and auto deletes it im not sure if its the right hing but it was from that same page shown any idea whats up?

scopie