Practical Malware Analysis Chapter 1 Lab Attempt





The interactive transcript could not be loaded.


Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on May 28, 2015

Notice: One of my first videos here, the audio isn't perfect, sorry! The video is a bit long for most people's taste at about 40 minutes but I find setting the speed at 1.5X really helps.

Hello, I'm Andy. I'm reading Practical Malware Analysis:
The Hands-On Guide to Dissecting Malicious Software, by
Michael Sikorski and Andrew Honig. Thanks for the great
book! I'm recording my work on the labs. I am not affiliated with the authors.


The book recommends we create a virtual machine with Windows
XP for performing the labs. Installing VMWare Player and
installing an operating system in it are generally very easy
and there are plenty of tutorials online for it if you get

I downloaded about 25 tools which were listed throughout the
book. Appendix B has a lot more tools you can choose from,
and there's even more not listed. I even created a blog page with links to these tools (as many as I could find in the book):


Chapter One concerns basic static analysis: Scanning the
suspected malware files for hints to the purpose.

For Chapter 1, I use these tools:
PeID: Shows file packing and other useful information.
Strings: A sysinternals program that shows strings in
Ida Pro Free: Shows strings.
PEView: Shows useful summary information about the portable
executable, including compile time and imports.
Dependency Walker: Shows imports.
Resource Hacker: Allows viewing objects in the resource
section of the portable executable, and lets you extract
data from it.


When autoplay is enabled, a suggested video will automatically play next.

Up next

to add this to Watch Later

Add to

Loading playlists...