
Advice for malware analyses


8 replies to this topic

#1 auto1571

auto1571

  • Members
  • 296 posts
  • OFFLINE
  •  
  • Local time:02:26 AM

Posted 07 May 2014 - 05:28 PM

Hi guys,

 

What would be your advice for a beginner in learning malware analysis? Although I am currently learning malware removal, I would also like to learn malware analysis. I feel that one could have an advantage in helping people remove malware if they also have training in malware analysis. I also became inspired by this after reading some of the book "Practical Malware Analysis", but a lot of that is heavy going and a lot of it is for the advanced user.

 

I would also like to learn how to code software in the future and perhaps even make my own security software to diagnose and get rid of malware in the future too but one step at a time though hey lol.

 

Anyway what would be your advice regarding this?

 

 

Thanks.


Edited by auto1571, 07 May 2014 - 05:33 PM.



 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,482 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:26 PM

Posted 07 May 2014 - 06:13 PM

Where are you learning about malware removal?

Training in malware removal is conducted at various online Unite Schools and part of that training incorporates learning about malware analysis and how to use DDS, RSIT, OTL, or advanced tools like ComboFix, GMER and other anti-rootkit tools.

If you're interested in our training program, please read BleepingComputer's Malware Removal Training Program.

The above link explains how to apply and what is required. If there are no slots available, you will have to check back at a later time.

Of course you could do a Google search and find numerous articles pertaining to malware analysis if you're just attempting to self-learn...but then you won't be able to ask questions or receive expert guidance which would be available in a structured training program.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators


#3 auto1571

auto1571
  • Topic Starter

  • Members
  • 296 posts
  • OFFLINE
  •  
  • Local time:02:26 AM

Posted 07 May 2014 - 06:22 PM

I am learning at one of the UNITE schools yes. The one I am learning at is GeeksToGo. I applied there about a month ago now. I do hope however to help at a number of UNITE forums when I graduate though. 

 

But there was once a book I read a bit about called "Practical Malware Analysis" which can be found here: http://www.amazon.co.uk/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901

 

And I was under the impression that book was slightly different although a lot of info in it could also be helpful.



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,482 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:26 PM

Posted 07 May 2014 - 06:37 PM

I am familiar with several of the GTG instructors. When in training, you should not hesitate to ask your instructors what supplemental reading they recommend. That way they will be aware of what you're reading outside of training and be available for questions.

These are a few resources listed in the Google search link that I would recommend but it's best if you check with your instructors before getting too involved on your own.

#5 auto1571

auto1571
  • Topic Starter

  • Members
  • 296 posts
  • OFFLINE
  •  
  • Local time:02:26 AM

Posted 07 May 2014 - 06:57 PM

I have sometimes got nervous asking questions over there due to being a student and I am still getting familiar with everything. However thinking about it now this question I asked should be perfectly fine to ask over there too. I guess I just need to relax a bit more.

 

Anyway as always Quietman thanks for your replies.



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,482 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:26 PM

Posted 07 May 2014 - 07:10 PM

I understand where you are coming from but there is nothing to be nervous about. The instructors are there for you so do not be afraid to approach them about anything. We actually like students who ask a lot of questions as it shows they are taking the training seriously and want to learn.

Good luck with your studies.

#7 laszlo42

laszlo42

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:26 AM

Posted 08 May 2014 - 07:12 AM

As far as I remember, that book is pretty good (there were some typos in it, I think, so get the errata if there is one) and I don't know how you can make it a lot easier. (Maybe I will reread the book; it is quite some time ago that I read it, 2012 or so.)

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,482 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:26 PM

Posted 08 May 2014 - 07:28 AM

auto1571 is a student enrolled in a training program. I have already provided the appropriate instructions for what he needs to do.

#9 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:26 AM

Posted 19 May 2014 - 04:56 PM

Malware analysis is hard, and not only because malware authors try to make it hard to do.

 

Practical Malware Analysis is a good book. I know the author personally. But if you find it too hard, then focus on malware removal first.

 

I suppose you have no programming experience? Then I often recommend this free book: http://www.openbookproject.net/thinkcs/python/english2e/


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"




