Forensic Analysis of Malcode - Step by Step

Date: 08 Dec 2005
Posted By: Benjamin D. Thomas
As many of you venture into a pervasive computing environment, it will not be long before you are faced with a situation where forensics will be needed. This is an upcoming area and, in my opinion, will be the hottest area of security. If you're one to chase the big bucks and you want to stay in the technology track, then this is the route for you. Otherwise, go off and write documentation for all of the new regulations. That too is hot and returning hefty salaries.

I'm going to step you through the process of dissecting a malcode sample using tools and techniques that are commonly used by forensic teams. Keep in mind that at the time of this writing there are no set standards in forensics. This means that you may find other forensic teams doing things differently, but rest assured that the techniques I'm about to show you are used by the top minds in the discipline, including myself.
