Difference between revisions of "Malware analysis"

From ForensicsWiki
Jump to: navigation, search
(Initial Stub)
 
m (Fixed IDA Pro link)
Line 1: Line 1:
 
Analyzing [[malware]], or malicious software, is more of an art than a technique. Because of the wide nature of these products, there are limitless ways to hide functionality.  
 
Analyzing [[malware]], or malicious software, is more of an art than a technique. Because of the wide nature of these products, there are limitless ways to hide functionality.  
  
Some common tools for malware analysis include simple programs like [[strings]]. More complex analysis can be conducted by looking at the headers of executables with programs like [[PEiD]] and [[PeExplorer]]. Finally, the most complete analysis can be done with debuggers like [[IdaPro]] and [[OllyDbg]].  
+
Some common tools for malware analysis include simple programs like [[strings]]. More complex analysis can be conducted by looking at the headers of executables with programs like [[PEiD]] and [[PeExplorer]]. Finally, the most complete analysis can be done with debuggers like [[IDA Pro]] and [[OllyDbg]].  
  
 
== See Also ==
 
== See Also ==
  
 
[[List of Malware Analysis Tools]]
 
[[List of Malware Analysis Tools]]

Revision as of 16:31, 2 March 2007

Analyzing malware, or malicious software, is more of an art than a technique. Because of the wide nature of these products, there are limitless ways to hide functionality.

Some common tools for malware analysis include simple programs like strings. More complex analysis can be conducted by looking at the headers of executables with programs like PEiD and PeExplorer. Finally, the most complete analysis can be done with debuggers like IDA Pro and OllyDbg.

See Also

List of Malware Analysis Tools