Malware Analysis Techniques
Tricks for the triage of adversarial software
Dylan Barker
BIRMINGHAM - MUMBAI
Copyright 2021 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Group Product Manager: Wilson Dsouza
Publishing Product Manager: Rahul Nair
Senior Editor: Arun Nadar
Content Development Editor: Sayali Pingale
Technical Editor: Sarvesh Jaywant
Copy Editor: Safis Editing
Project Coordinator: Shagun Saini
Proofreader: Safis Editing
Indexer: Pratik Shirodkar
Production Designer: Aparna Bhagat
First published: May 2021
Production reference: 1200521
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.
ISBN 978-1-83921-227-7
www.packt.com
To Merandia, who has patiently listened to me babble about technical minutiae for nearly a decade.

To Emily, who pushed me forward and kept me making progress, and to several wonderful mentors over the years: Rex Riepe, Micah Jackson, and Eric Overby.
Dylan Barker
Contributors
About the author
Dylan Barker is a technology professional with 10 years' experience in the information security space, in industries ranging from K12 and telecom to financial services. He has held many distinct roles, from security infrastructure engineering to vulnerability management. In the past, he has spoken at BSides events and has written articles for CrowdStrike, where he is currently employed as a senior analyst.
About the reviewer
Quinten Bowen is an information security professional with 5 years of experience in the industry. Currently, Quinten works at one of the most respected and leading cybersecurity organizations in the nation. Furthermore, Quinten has expertise in malware analysis, penetration testing, threat hunting, and incident response in enterprise environments, holding relevant certifications such as GREM, OSCP, eCPPT, and eCMAP. Additionally, Quinten spends his off-time volunteering for the Collegiate Cyber Defense Competition (CCDC) and mentoring where possible.
I would like to thank my wife, Jessica, for her continued support in everything I do. You've always been supportive and I sincerely appreciate all you do for us.
To my mother and father, Lisa and Roger, who raised me to be the man I am today. You always said I could do anything, and so I set out to do what I love.