Showing posts from October, 2017

Malware Analysis Part 1.1 : Basic Static Analysis

I've decided to improve my previous entry about Malware Analysis 1. I've learnt several tools and techniques that I obtained from the ENISA training sheets and Sam's class. Thanks ENISA and Sam for the good stuff! For this analysis I used a malicious sample from the Practical Malware Analysis labs.

-----------------------------------------------
Detecting and Unpacking Packers
-----------------------------------------------

Packing is a technique used by malware authors to obfuscate a binary or evade AV detection.

First, load the malware sample into PEiD. It indicates that the malware was packed with UPX. Then use ExeInfo PE for further verification.

ExeInfo PE confirms that the malware was packed with UPX; use the advanced scan by clicking the '>' button. Then unpack the malware using UPX and re-analyse the sample with PEiD. It now recognises the sample as a Microsoft Visual C++ file.

---------------------------------------