Difference between pages "Chrome OS (CrOS)" and "Malware analysis"

From ForensicsWiki
(Difference between pages)
m (External Links)
 
(External Links)
 
Line 1: Line 1:
{{expand}}
+
Analyzing [[malware]], or malicious software, is more of an art than a technique. Because of the wide nature of these products, there are limitless ways to hide functionality.
  
Chromium OS (or Chrome OS, or CrOS) is an open-source project that aims to build an operating system that provides a fast, simple, and more secure computing experience for people who spend most of their time on the web.[http://dev.chromium.org/chromium-os]
+
Some common tools for malware analysis include simple programs like [[strings]]. More complex analysis can be conducted by looking at the headers of executables with programs like [[PEiD]] and [[PeExplorer]]. Finally, the most complete analysis can be done with debuggers like [[IDA Pro]] and [[OllyDbg]].  
 +
 
 +
== See Also ==
 +
* [[Malware]]
 +
* [[List of Malware Analysis Tools]]
  
 
== External Links ==
 
== External Links ==
* [http://dev.chromium.org/chromium-os Chromium OS], by the Chromium project
+
* [http://www.fireeye.com/blog/technical/botnet-activities-research/2013/08/breaking-down-the-china-chopper-web-shell-part-i.html Breaking Down the China Chopper Web Shell – Part I], by Tony Lee, Ian Ahl and Dennis Hanzlik, August 7, 2013
* [http://dev.chromium.org/chromium-os/chromiumos-design-docs/disk-format Disk Format], by the Chromium project
+
* [http://www.fireeye.com/blog/technical/botnet-activities-research/2013/08/breaking-down-the-china-chopper-web-shell-part-ii.html Breaking Down the China Chopper Web Shell – Part 2], by Tony Lee, Ian Ahl and Dennis Hanzlik, August 9, 2013
 +
* [https://www.mandiant.com/blog/hikit-rootkit-advanced-persistent-attack-techniques-part-1-2/ The "Hikit" Rootkit: Advanced and Persistent Attack Techniques (Part 1)], by Ryan Kazanciyan, August 20, 2012
 +
* [https://www.mandiant.com/blog/hikit-rootkit-advanced-persistent-attack-techniques-part-2/ The "Hikit" Rootkit: Advanced and Persistent Attack Techniques (Part 2)], by Christopher Glyer, August 22, 2012
 +
* [http://nakedsecurity.sophos.com/2013/10/11/anatomy-of-an-exploit-ie-zero-day-part-1/ Anatomy of an exploit - inside the CVE-2013-3893 Internet Explorer zero-day - Part 1], by Paul Ducklin on October 11, 2013
 +
* [http://nakedsecurity.sophos.com/2013/10/25/anatomy-of-an-exploit-inside-the-cve-2013-3893-internet-explorer-zero-day-part-2/ Anatomy of an exploit - inside the CVE-2013-3893 Internet Explorer zero-day - Part 2], by Paul Ducklin on October 25, 2013
 +
* [http://labs.lastline.com/an-analysis-of-plugx An Analysis of PlugX], by Roman Vasilenko, December 17, 2013
 +
* [http://www.emc.com/collateral/white-papers/h12756-wp-shell-crew.pdf RSA Incident Response: Emerging Threat Profile - Shell_Crew], by [[EMC]], January 2014
 +
* [http://www.securelist.com/en/downloads/vlpdfs/unveilingthemask_v1.0.pdf Unveiling "Careto" - The Masked APT], by [[Kaspersky|Kaspersky Lab]], February 2014
 +
* [http://spresec.blogspot.com/2014/03/uroburos-rootkit-hook-analysis-and.html?m=1 Uroburos Rootkit Hook Analysis and Driver Extraction], SP Security Blog, March 20, 2014
  
[[Category:Operating systems]]
+
[[Category:Malware]]

Revision as of 23:55, 30 June 2014

Analyzing malware, or malicious software, is more of an art than a technique. Because malware varies so widely, there are limitless ways to hide functionality.

Some common tools for malware analysis include simple programs like strings. More complex analysis can be conducted by looking at the headers of executables with programs like PEiD and PeExplorer. Finally, the most complete analysis can be done with debuggers like IDA Pro and OllyDbg.

See Also

External Links