
Malware Analysis in General


Hello! I have been having a conversation with Stephan from F-Secure, and the conversation led to me wondering how do you actually analyze malware, I'm a reader of the blog, but haven't read long enough to spot http://www.f-secure.com/weblog/archives/00001849.html which Stephan directed me to, I checked the University site for the material, but appears it is not there anymore. I would also like to find a guide (or a book) on how to actually start learning about C++, Java and such, in what programs are usually coded. I'm finishing my upper-secondary school soon, and I am looking for a career with programming, and me being such a security freak, I have thought of F-Secure and I'm on the lookout for some practising, I have both Windows & Mac based computers.

 

So any way you could lead me to the right direction.

 

 

Yours Sincerely,

Arttu

 

Best Regards,
Arttu

Accepted Solutions
F-Secure Employee

Re: Malware Analysis in General

Hi Arttu,

It's great to know about your interest in the security area. I have forwarded your question to F-Secure Labs and you will be hearing more from them soon.

 

Ania

Regards,
Ania
F-Secure Community Service Owner

Twitter: @aniaciuba
F-Secure

Re: Malware Analysis in General

Hi,

 

I'm Antti, the main lecturer of the university course you mentioned. The slides from the course lectures should be available here:

 

https://noppa.tkk.fi/noppa/kurssi/t-110.6220/luennot

 

The slides are a good way to get started with what we call "reverse engineering", that is, trying to take apart applications to understand how they work. This is the most fundamental way to analyze malware. You'll find pointers to the tools we use: hex editors like HT (http://hte.sourceforge.net), disassemblers like IDA Pro (http://www.hex-rays.com/idapro/idadownfreeware.htm) and debuggers like OllyDbg (http://www.ollydbg.de).

 

However, starting with reverse engineering is difficult without first knowing the engineering part: programming. Most of the malware we analyze is written in C or C++, so learning at least the basics of those languages is an important start. You could take a look at some of the tutorials here: http://www.cprogramming.com/tutorial.html#ctutorial. For programming on Windows, you may want to try the Visual C++ Express Edition: http://www.microsoft.com/express/Windows/. On Mac, Xcode (http://developer.apple.com/xcode/) offers something similar. 

 

A "softer" start to programming could be a language like Python. You'll get something useful done quicker, and you can move on to C and C++ and then reverse engineering as you go along. There are lots of nice tutorials on getting started with Python, like this from Google: http://code.google.com/edu/languages/google-python-class/

 

Good luck!