Introduction to Malware Analysis — Malware Explained

In this story, we will try to learn what malware is and how malware analysis works. This is aimed at complete beginners who have never tried malware analysis before. If that’s you, then this article can help you take your first step in this field.

What is Malware?

Malware is any program that does damage to a host without the consent of the user.

Types of Malware

Malware can take many forms and comes in many variations. I don’t want to end up here with a lengthy post, so I’m going to keep the following list short. I have listed here the most common malware types that you should know about.

  • Worm: Unlike Viruses, Worms do not need the help of humans to move to other machines. They can spread easily and can infect a high number of machines in a short amount of time.
  • Trojan: These appear to be normal programs that have a legitimate function, like a game or a utility program. But underneath the innocent-looking user interface, a Trojan performs malicious tasks without the user being aware.
  • Spyware: This type of malware gathers data about the user and sends it to a third party.
  • Keylogger: This is a special type of spyware. It is specialized in recording the keystrokes made by the user.
  • Ransomware: These types of malware have become more common in the last decade. When a piece of Ransomware infects a machine, it encrypts all the stored files. It then asks the user for a ransom in exchange for the decryption key. Well-known examples of Ransomware are WannaCry and Locky.

What is Malware Analysis?

Malware Analysis is the field of examining malware samples to try to extract valuable information about their origin, behavior, and impact.

Malware Analysis Techniques

Now that we know what malware is, and what malware analysts do, it is time to explore some of the techniques of malware analysis.

Static Analysis

You don’t have to execute a piece of malware to analyze it. By performing what is known as Static Analysis, you can get some valuable information simply by examining the static information associated with the file.

Dynamic Analysis

Dynamic Analysis requires the execution of the malware program and examining its behavior while it is running.

For Further Learning

This section provides a list of good resources that can help you on your journey to learn malware analysis:

A cybersecurity enthusiast, and founder @ Patchthenet.com
