Question

  • #3951480

    how to understand malware

    Locked

    by tuqueroimkjernalyn ·

    I’ve always wanted to learn how to code, especially when it comes to malware, how it works, and reverse engineering its code. My question is: where do you think is a good place to start learning how malware works and operates?

All Answers

    • #3951493
      Re: understand malware

      by kees_b ·

      In reply to how to understand malware

      Study the changes done for a CVA-number in open source programs by comparing the old source and the new source. The difference shows how the old version worked.
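
The approach described in the reply above, as an added example that is not part of the original post: diff the old and new versions of a source file and read the added lines to see what the earlier version failed to check. Both C snippets are constructed for illustration and come from no real project or advisory; `set_name`, `store` and the file name are hypothetical.

```python
import difflib
import re

# Constructed sample: the same hypothetical C function before and after a fix.
OLD_SRC = """\
int set_name(struct user *u, const char *name)
{
    char buf[32];

    strcpy(buf, name);
    return store(u, buf);
}
"""
NEW_SRC = """\
int set_name(struct user *u, const char *name)
{
    char buf[32];

    if (strlen(name) >= sizeof(buf))
        return -1;
    strcpy(buf, name);
    return store(u, buf);
}
"""

def patch_diff(old, new, name="set_name.c"):
    """Return the unified diff between two versions of a source file."""
    return list(difflib.unified_diff(
        old.splitlines(), new.splitlines(),
        fromfile="old/" + name, tofile="new/" + name, lineterm=""))

def split_changes(diff):
    """Separate removed and added source lines; diff[:2] are the file headers."""
    body = diff[2:]
    removed = [l[1:].strip() for l in body if l.startswith("-")]
    added = [l[1:].strip() for l in body if l.startswith("+")]
    return removed, added

def added_checks(added):
    """Added conditionals are usually the validation the old code lacked."""
    return [l for l in added if re.match(r"if\s*\(", l)]

if __name__ == "__main__":
    diff = patch_diff(OLD_SRC, NEW_SRC)
    print("\n".join(diff))
    removed, added = split_changes(diff)
    print("checks introduced by the fix:", added_checks(added))
```

Here the fix only adds a length check in front of `strcpy`, which tells the reader that the old version copied `name` into a 32-byte buffer without checking its length.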

    • #3954474

      Reply To: how to understand malware

      by spur-hitches08 ·

      In reply to how to understand malware

      Short of coding, you can learn lots about what a specific piece of malware does by running it in a VM with tools on the side, like:

      Process monitor from Sysinternals

      HxD – a hex editor

      Autoruns from Sysinternals

      PE-Bear and PE-Sieve – Two tools for PE (exe) files

      Yara – detection tool for (mostly executable) files with lots of free rulesets to download

      Wireshark (Network analysis tool)
