
Diving into Practical Malware Analysis


Any software that does something harmful to a user, computer, or network can be considered malware.

I learned that the purpose of malware analysis is typically to provide information needed to respond to a network intrusion. It is described as a game of cat and mouse, like solving a puzzle. This really interests me because I love understanding how things work and why, and solving problems, especially ones that can lead to impactful solutions.

Another interesting thing is that malware analysis can be used to create host-based signatures (the files, registry keys, and other changes the malware leaves on a victim machine) and network-based signatures (patterns in the traffic it generates), which help detect and prevent future intrusions and thus make an organization's security posture stronger.

Unlike antivirus signatures, host-based malware indicators focus on what the malware does to a system (for example, the files it drops or the registry keys it modifies), not on the bytes of the malware itself, so they can still detect malware that changes its form or that has already been deleted from disk.

Network signatures can be created without malware analysis, but signatures created with the help of malware analysis are usually far more effective, giving a higher detection rate and fewer false positives.

There are two main approaches to malware analysis: static and dynamic. Static analysis examines the malware and its contents without running it (file hashes, strings, headers, imports, and ultimately the disassembled code), while dynamic analysis actually runs the malware in a sandboxed, isolated environment and observes its behavior (files written, registry changes, processes started, network traffic). Each approach has a basic and an advanced form: basic static analysis (antivirus scans, hashing, strings, imports) and basic dynamic analysis (monitoring tools) need no reverse-engineering skills, while advanced static analysis uses a disassembler and advanced dynamic analysis uses a debugger. One caveat with dynamic analysis is that it only reveals the code paths taken during that particular run, so a sample that checks its environment or waits for a specific trigger may show little or nothing.
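To make the static side concrete, here is a small basic-static triage script. It is an added example written for this post, not code from Practical Malware Analysis or its authors. The sample it examines is a constructed byte string (an MZ magic followed by the kinds of strings a real sample often carries) rather than a real executable, and the indicator regexes and the short list of "suspicious" APIs are my own illustrative choices, not a complete rule set.

```python
import hashlib
import re

# Constructed stand-in for a sample under analysis. It is NOT a real executable:
# just an MZ header byte pattern followed by the kinds of strings a real
# sample often carries (imports, a Run key, a dropped-file path, a URL, an IP).
SAMPLE = (
    b"MZ\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00\xff\xff\x00\x00"
    + b"\x00" * 16
    + b"This program cannot be run in DOS mode.\r\n$\x00\x00\x00"
    + b"KERNEL32.dll\x00CreateRemoteThread\x00WriteProcessMemory\x00"
    + b"ADVAPI32.dll\x00RegSetValueExA\x00"
    + b"WS2_32.dll\x00connect\x00send\x00"
    + b"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\x00"
    + b"C:\\Windows\\Temp\\svch0st.exe\x00"
    + b"http://update.example.invalid/gate.php\x00"
    + b"203.0.113.7:4444\x00"
    + b"\x00\x00\x01\x02\x03"
)

# Win32 APIs commonly tied to process injection. Illustrative list, not exhaustive.
SUSPICIOUS_APIS = {
    "CreateRemoteThread", "WriteProcessMemory", "VirtualAllocEx",
    "NtUnmapViewOfSection", "SetWindowsHookExA",
}

# Indicator classes, checked in order; the first match wins. My own choices.
CLASSIFIERS = [
    ("url", re.compile(r"^(?:https?|ftp)://\S+$")),
    ("ipv4", re.compile(r"^(?:\d{1,3}\.){3}\d{1,3}(?::\d+)?$")),
    ("registry", re.compile(r"^(?:HKLM|HKCU|SOFTWARE|SYSTEM)\\", re.I)),
    ("path", re.compile(r"^[A-Za-z]:\\")),
    ("import", re.compile(r"^[A-Za-z0-9_]+\.dll$", re.I)),
]


def looks_like_pe(data: bytes) -> bool:
    """Cheap file-type check: Windows executables start with the 'MZ' magic."""
    return data[:2] == b"MZ"


def file_hashes(data: bytes) -> dict:
    """MD5 and SHA-256, the labels used to share a sample and look it up."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def extract_strings(data: bytes, min_len: int = 5) -> list:
    """Runs of printable ASCII of at least min_len bytes, like the strings tool."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [m.group().decode("ascii") for m in pattern.finditer(data)]


def classify(s: str) -> str:
    """Label one extracted string by the kind of indicator it looks like."""
    if s in SUSPICIOUS_APIS:
        return "suspicious_api"
    for label, pattern in CLASSIFIERS:
        if pattern.match(s):
            return label
    return "other"


def triage(data: bytes) -> dict:
    """Basic static triage: file type, hashes, and strings grouped by indicator class."""
    report = {"is_pe": looks_like_pe(data), "hashes": file_hashes(data), "indicators": {}}
    for s in extract_strings(data):
        report["indicators"].setdefault(classify(s), []).append(s)
    return report


if __name__ == "__main__":
    result = triage(SAMPLE)
    print("PE header:", result["is_pe"])
    for name, digest in result["hashes"].items():
        print(f"{name}: {digest}")
    for label, items in result["indicators"].items():
        print(f"[{label}]")
        for item in items:
            print("   ", item)
```

Run it on a real file by reading the bytes into `triage()` instead of `SAMPLE`. The hashes give you something to search for in public databases before spending any time on the file, and the grouped strings are the raw material for host-based indicators (the Run key and the dropped path) and network indicators (the URL and the IP). Bear in mind the main limitation of this level of analysis: a packed or obfuscated sample yields almost no useful strings or imports, which is itself a signal that the file needs deeper static or dynamic work.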

I have realized that malware analysis is essential to having a strong security posture in an organization.

A big reason I am attracted to this niche of cybersecurity is that it is a very sought-after and in-demand skill, yet there are not many people who are skilled in malware analysis and reverse engineering. This inspires me to be one of those few skilled professionals in this very unique and fascinating corner of cybersecurity.

In my current job in the Air Force, I do cybersecurity, but it is a less technical side of cybersecurity where I am an information systems security officer (ISSO). This is one reason why I wanted to pursue the technical side of cybersecurity, so that I can experience both sides. When I become a leader in this field, such as a cybersecurity manager or the like, I want to be able to lead by example and actually have an underlying knowledge of the technical stuff. So that is why I want to understand the technical side of things, and also simply because malware analysis interests me and I have a passion for it.


Malware Analysis

Part 1 of 2

In this series, I will be guided by the book Practical Malware Analysis by Michael Sikorski and Andrew Honig. Follow along in this hands-on series as I dissect malicious code, uncover threats, and learn reverse engineering, among other skills.
