Published on May 28, 2015
Notice: One of my first videos here, the audio isn't perfect, sorry! The video is a bit long for most people's taste at about 40 minutes but I find setting the speed at 1.5X really helps.
Hello, I'm Andy. I'm reading Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software, by Michael Sikorski and Andrew Honig. Thanks for the great book! I'm recording my work on the labs. I am not affiliated with the authors.
The book recommends we create a virtual machine with Windows XP for performing the labs. Installing VMware Player and installing an operating system in it are generally very easy, and there are plenty of tutorials online for it if you get stuck.
I downloaded about 25 tools which were listed throughout the book. Appendix B has a lot more tools you can choose from, and there are even more not listed. I even created a blog page with links to these tools (as many as I could find in the book):
Chapter One concerns basic static analysis: scanning the suspected malware files for hints to their purpose.
For Chapter 1, I use these tools:
PEiD: Shows file packing and other useful information.
Strings: A Sysinternals program that shows strings in programs.
IDA Pro Free: Shows strings.
PEview: Shows useful summary information about the portable executable, including compile time and imports.
Dependency Walker: Shows imports.
Resource Hacker: Allows viewing objects in the resource section of the portable executable, and lets you extract data from it.