Basic but quite nice paper on Exploit-DB: "Malware Reverse Engineering part1 of 2. Static analysis"
Table of Contents
1. Scope
2. Investigation goals
3. Malware samples analyzed
4. Malware analysis methodology, software, and secure lab setup
5. General function and functionality of the malware
6. Behavioral patterns of the malware and local system interaction
7. Files and registry keys created, modified and accessed
8. Network behavior (including hosts, domains and ip’s accessed)
9. Time and local system dependent features
10. Method and means of communication
11. Original infection vector and propagation methodology
12. Use of encryption for storage, delivery and or communication
13. Use of self modifying/replicating or encrypted code
14. Any information concerning development of malware (compiler type, packer used, country of origin, author, names/handles, etc.)
15. Key questions and answers
To download it:
http://www.exploit-db.com/download_pdf/18387
Happy Detection!
Rodrigo Montoro