
Interested in Malware Analysis - need advice

Discussion of computer forensics employment and career issues.

Re: Interested in Malware Analysis - need advice

Posted: Thu Jun 14, 2012 5:18 am

tstar,

Why would you need a course?

If by "malware forensics", you are looking to determine the effects that malware had on the system that it had infected, there are a number of resources available on the subject that don't require you to attend a course.

For example, there are two very good malware analysis books that have come out recently that go into some detail regarding monitoring or determining the effects of malware as it interacts with its "eco-system". In my blog, I've provided a number of posts where I discuss malware characteristics and how to use those to develop an understanding of malware.

These are just a few of the resources available to you.

With some free and open source tools, some time, and some effort, you can build up quite a bit of capabilities and expertise in this area, without paying for a course.  

keydet89
Senior Member
 
 
  

Re: Interested in Malware Analysis - need advice

Posted: Wed Sep 26, 2012 7:56 am

If you don't mind crossing a bridge, there is an excellent Malware Reverse Engineering course (CFRS 761) being taught at George Mason University in Fairfax, VA through the Computer Forensics Master's program. You could sign up as a non-degree student and take it during the evenings in the Fall or Spring semester, then (depending where you are in your GW program) transfer the credits when you're finished.  

heferyzan
Newbie
 
 
  

Re: Interested in Malware Analysis - need advice

Posted: Wed Sep 26, 2012 9:38 am

Thanks very much! I will definitely look into this.  

tstar49
Newbie
 
 
  

Re: Interested in Malware Analysis - need advice

Posted: Mon Dec 03, 2012 2:46 pm

I have some experience in this field, coming from a Forensics course and ending up in a CERT team. There are many resources for getting started with Reverse Engineering, but the main thing I can recommend is simply experimenting with live samples in VMs (there is a lot of research around VM escape at the moment). Use tools such as Sysinternals Suite / Wireshark etc. to capture what the malware is doing at a high level first of all; that can then guide your investigation into the actual code of the binary itself.

Lenny Zeltser (previously mentioned) has released a free VM specially designed for RE samples, entitled REMnux: zeltser.com/remnux/

There are several places online where you can pick up samples, or search your junk mail folder for obvious scams and use wget on the URL and grab yourself one from the wild ;).

Also I can recommend the two previously mentioned titles, "Malware Analyst's Cookbook" and "Practical Malware Analysis". The cookbook can be quite heavy handed at times but it's worth sticking with it.

Beef246
Newbie
 
 