This chapter was about basic static analysis. It went over tools to quickly analyze a Windows binary to see if it contains malware. Examples of basic steps include: using VirusTotal to scan the binary against numerous AVs; checking the compilation timestamp; using PEiD to see if the binary is packed; and using tools to inspect the PE headers for clues of malicious intent and packing.
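To make the "inspect the PE headers" step concrete, here is an added example (my own script, not code from the book or the chapter's tools) that reads the pieces of a PE header a first-pass triage cares about: the compile timestamp from the COFF header, the section table, and per-section entropy as a crude stand-in for a PEiD packing check. It uses only the standard library, and the sample binary it parses is a minimal PE32 image constructed inline; the set of "common" section names and the 7.0-bit entropy threshold are my own heuristic choices, not anything the chapter specifies.

```python
import math
import struct
from collections import Counter
from datetime import datetime, timezone

# Section names normally emitted by common Windows linkers; anything else is worth a look.
# (Assumed list, chosen for this example.)
COMMON_SECTIONS = {".text", ".data", ".rdata", ".idata", ".edata",
                   ".rsrc", ".reloc", ".bss", ".pdata", ".tls"}


def shannon_entropy(buf):
    """Bits of entropy per byte (0.0-8.0); compressed or encrypted data sits near 8."""
    if not buf:
        return 0.0
    n = len(buf)
    return -sum((c / n) * math.log2(c / n) for c in Counter(buf).values())


def parse_pe(data):
    """Walk DOS header -> PE signature -> COFF header -> section table and return the
    fields a first-pass static triage looks at. Only struct is used, no pefile."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # IMAGE_FILE_HEADER: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    machine, nsec, ts, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    sec_table = e_lfanew + 4 + 20 + opt_size
    sections = []
    for i in range(nsec):
        # IMAGE_SECTION_HEADER is 40 bytes: Name, VirtualSize, VirtualAddress, SizeOfRawData,
        # PointerToRawData, reloc/linenumber pointers and counts, Characteristics
        (name, vsize, _vaddr, rawsize, rawptr,
         _, _, _, _, schars) = struct.unpack_from("<8sIIIIIIHHI", data, sec_table + 40 * i)
        raw = data[rawptr:rawptr + rawsize]
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", errors="replace"),
            "virtual_size": vsize,
            "raw_size": rawsize,
            "entropy": shannon_entropy(raw),
            "characteristics": schars,
        })
    return {
        "machine": machine,
        "characteristics": chars,
        "compile_time": datetime.fromtimestamp(ts, tz=timezone.utc),
        "sections": sections,
    }


def packing_indicators(report):
    """Cheap heuristics in the spirit of a PEiD check: high-entropy sections, unusual
    section names, and sections that unpack to far more memory than they occupy on disk."""
    flags = []
    for s in report["sections"]:
        if s["entropy"] > 7.0:
            flags.append(f"{s['name']}: entropy {s['entropy']:.2f} (compressed/encrypted data)")
        if s["name"] not in COMMON_SECTIONS:
            flags.append(f"{s['name']}: non-standard section name")
        if s["raw_size"] and s["virtual_size"] > 4 * s["raw_size"]:
            flags.append(f"{s['name']}: virtual size {s['virtual_size']:#x} >> raw size {s['raw_size']:#x}")
    return flags


def build_sample_pe(timestamp, sections):
    """Constructed test input: a minimal PE32 image with the given compile timestamp and
    (name, raw_bytes, virtual_size) sections. Not loadable, just enough header to parse."""
    opt_size = 224                              # size of a PE32 optional header
    n = len(sections)
    header_len = 0x40 + 4 + 20 + opt_size + 40 * n
    data_start = (header_len + 0x1FF) & ~0x1FF  # round section data up to 0x200 file alignment
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)     # e_lfanew: PE signature right after DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, n, timestamp, 0, 0, opt_size, 0x0102)  # i386, EXE|32BIT
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)       # PE32 magic
    table, body, ptr = b"", b"", data_start
    for name, raw, vsize in sections:
        table += struct.pack("<8sIIIIIIHHI", name, vsize, 0x1000, len(raw), ptr, 0, 0, 0, 0, 0x60000020)
        body += raw
        ptr += len(raw)
    image = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table
    return image + b"\0" * (data_start - len(image)) + body


# Constructed sample: a plain code section plus a UPX-style section (UPX-packed binaries
# commonly carry UPX0/UPX1 sections) filled with uniform bytes, entropy exactly 8.0,
# stamped 2012-01-01 00:00:00 UTC.
SAMPLE = build_sample_pe(1325376000, [
    (b".text", b"\x90" * 2048 + b"\xC3" * 64, 2112),
    (b"UPX1", bytes(range(256)) * 16, 0x20000),
])

if __name__ == "__main__":
    report = parse_pe(SAMPLE)
    print("compiled:", report["compile_time"].isoformat())
    for s in report["sections"]:
        print(f"  {s['name']:<8} raw={s['raw_size']:#x} virt={s['virtual_size']:#x} entropy={s['entropy']:.2f}")
    for flag in packing_indicators(report):
        print("  [!]", flag)
```

Run it against a real file with `parse_pe(open(path, "rb").read())`. Two caveats a reader should keep in mind: the compile timestamp is just a field the linker writes, so a zero or implausible value is itself a clue rather than proof of anything, and entropy only says the bytes look compressed or encrypted; a signed installer with an embedded archive will trip the same heuristic, which is why the chapter pairs these checks with VirusTotal and a look at the imports.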
The labs are fun and give practical hands-on exercise. There are tons of books out there, but the best ones give labs or some kind of practice. The labs go from easy to hard, and the solutions in the back are detailed, so you know what you missed and how to solve the questions.
Really loving this book so far and am taking my time to really learn the material.