±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 0 Overall: 32353
New Yesterday: 1 Visitors: 105

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

RSS Feed Widget

±Latest Webinars

Interested in Malware Analysis - need advice

Discussion of computer forensics employment and career issues.
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Go to page Previous  1, 2 

Re: Interested in Malware Analysis - need advice

Post Posted: Thu Jun 14, 2012 5:18 am


Why would you need a course?

If by "malware forensics", you are looking to determine the effects that malware had on the system that it had infected, there are a number of resources available on the subject that don't require you to attend a course.

For example, there are two very good malware analysis books that have come out recently that go into some detail regarding monitoring or determining the effects of malware as it interacts with it's "eco-system". In my blog, I've provided a number of posts where I discuss malware characteristics and how to use those to develop an understanding of malware.

These are just a few of the resources available to you.

With some free and open source tools, some time, and some effort, you can build up quite a bit of capabilities and expertise in this area, without paying for a course.  

Senior Member

Re: Interested in Malware Analysis - need advice

Post Posted: Wed Sep 26, 2012 7:56 am

If you don't mind crossing a bridge, there is an excellent Malware Reverse Engineering course (CFRS 761) being taught at George Mason University in Fairfax, VA through the Computer Forensics Master's program. You could sign up as a non-degree student and take it during the evenings in the Fall or Spring semester, then (depending where you are in your GW program) transfer the credits when you're finished.  


Re: Interested in Malware Analysis - need advice

Post Posted: Wed Sep 26, 2012 9:38 am

Thanks very much! I will definitely look into this.  


Re: Interested in Malware Analysis - need advice

Post Posted: Mon Dec 03, 2012 3:46 pm

I have some experience in this field, coming from a Forensics course and ending up in a CERT team. There are many resources for getting started with Reverse Engineering, but the main thing I can recommend is simply experimenting with live samples in VMs (There is a lot of research around VM escape at the moment). Using tools such as Sysinternals Suite \ Wireshark etc to capture what the malware is doing at a high level first of all, that can then guide your investigation into the actual code of the binary itself.

Lenny Zeltser (previously mentioned) has released a free VM specially designed for RE samples, entitled Remnux: zeltser.com/remnux/

There are several places online where you can pick up samples, or search your junk mail folder for obvious scams and use wget on the url and grab yourself one from the wild ;).

Also I can recommend the previously two mentioned titles "Malware Analysts Cookbook" and "Practical Malware Analysis" The cookbook can be quite heavy handed at times but its worth sticking with it.  


Reply to topicReply to topic

Share and Like this forum topic to get more replies

Page 2 of 2
Go to page Previous  1, 2