Basic Dynamic Analysis
Premium roomLearn how to analyze malware Dynamically by running them in a Virtual Machine.
medium
To access material, start machines and answer questions login.
Previously, we learned techniques to analyze malware without executing it in the Basic room. However, as we have learned, malware can use techniques to hide its features from a malware analyst. But no matter how good malware hides its features from , its primary purpose is to execute. And when malware executes, it leaves traces that a malware analyst can use to identify if it's malicious. We will use basic techniques in this room to analyze the traces malware leaves when running.
Learning Objectives:
In this room, we will learn:
- Sandboxing and using a for malware analysis.
- The components of a and how to create one for yourself.
- Using ProcMon to monitor a process' activity.
- Using Logger and Monitor to identify calls made by malware.
- Using ProcExp to identify if a process is modified maliciously.
- Using Regshot to track registry changes made by malware.
Pre-requisites:
Before starting this room, it is recommended that you complete the following rooms for a better understanding of the content in this room.
Ready to learn Cyber Security?
The Basic Dynamic Analysis room is only available for premium users. Signup now to access more than 500 free rooms and learn cyber security through a fun, interactive learning environment.
Already have an account? Log in