Uncovering the capabilities of malicious software allows security professionals to respond to incidents, fortify defenses, and derive threat intelligence. The malware analysis tips and tricks outlined in this poster act as a starting point and a reminder for individuals looking to reverse-engineer and otherwise examine suspicious files such as compiled executables and potentially malicious documents.
What threat does the malicious or suspicious artifact pose? What do its mechanics reveal about the adversary’s goals and capabilities? How effective are the company’s security controls against such infections? What security measures can strengthen the infrastructure against future attacks of this nature? Malware analysis helps answer such questions, which are critical to an organization’s ability to handle malware threats and related incidents.
This poster brings together malware analysis resources related to:
The overall process for examining malicious software in a controlled lab environment
Using the REMnux® toolkit to analyze malicious software with Linux-based tools
Taking a closer look at malicious software by reversing it at the code level
Analyzing malicious documents, including Microsoft Office and PDF files