Book Details:
Publisher: | Packt Publishing |
Series: |
Packt
|
Author: | Digit Oktavianto |
Edition: | 1 |
ISBN-10: | 1782169237 |
ISBN-13: | 9781782169239 |
Pages: | 142 |
Published: | Oct 16 2013 |
Posted: | Nov 19 2014 |
Language: | English |
Book format: | PDF |
Book size: | 7.2 MB |
Book Description:
Analyze malware using Cuckoo Sandbox Overview Learn how to analyze malware in a straightforward way with minimum technical skills Understand the risk of the rise of document-based malware Enhance your malware analysis concepts through illustrations, tips and tricks, step-by-step instructions, and practical real-world scenarios In Detail Cuckoo Sandbox is a leading open source automated malware analysis system. This means that you can throw any suspicious file at it and, in a matter of seconds, Cuckoo will provide you with some detailed results outlining what said file did when executed inside an isolated environment. Cuckoo Malware Analysis is a hands-on guide that will provide you with everything you need to know to use Cuckoo Sandbox with added tools like Volatility, Yara, Cuckooforcanari, Cuckoomx, Radare, and Bokken, which will help you to learn malware analysis in an easier and more efficient way. Cuckoo Malware Analysis will cover basic theories in sandboxing, automating malware analysis, and how to prepare a safe environment lab for malware analysis. You will get acquainted with Cuckoo Sandbox architecture and learn how to install Cuckoo Sandbox, troubleshoot the problems after installation, submit malware samples, and also analyze PDF files, URLs, and binary files. This book also covers memory forensics using the memory dump feature, additional memory forensics using Volatility, viewing result analyses using the Cuckoo analysis package, and analyzing APT attacks using Cuckoo Sandbox, Volatility, and Yara. Finally, you will also learn how to screen Cuckoo Sandbox against VM detection and how to automate the scanning of e-mail attachments with Cuckoo. What you will learn from this book Get started with automated malware analysis using Cuckoo Sandbox Use Cuckoo Sandbox to analyze sample malware Analyze output from Cuckoo Sandbox Report results with Cuckoo Sandbox in standard form Learn tips and tricks to get the most out of your malware analysis results Approach This book is a step-by-step, practical tutorial for analyzing and detecting malware and performing digital investigations. This book features clear and concise guidance in an easily accessible format. Who this book is written for Cuckoo Malware Analysis is great for anyone who wants to analyze malware through programming, networking, disassembling, forensics, and virtualization. Whether you are new to malware analysis or have some experience, this book will help you get started with Cuckoo Sandbox so you can start analysing malware effectively and efficiently.
An Emulator Based Approach
Malicious software (i.e., malware) has become a severe threat to interconnected computer systems for decades and has caused billions of dollars damages each year. A large volume of new malware samples are discovered daily. Even worse, malware is rapidly evolving becoming more sophisticated and evasive to strike against current malware analysis and defense systems. Automatic Malware Analysis presents a virtualized malware analysis framework that addresses common challenges in malware analysis. In regards to this new analysis framework, a series of analysis techniques for automatic malware analysis is developed. These techniques capture intrinsic characteristics of malware, and are well suited for dealing with new malware samples and attack mechanisms....
The Hands-On Guide to Dissecting Malicious Software
Malware analysis is big business, and attacks can cost a company dearly. When malware breaches your defenses, you need to act quickly to cure current infections and prevent future ones from occurring. For those who want to stay ahead of the latest malware, Practical Malware Analysis will teach you the tools and techniques used by professional analysts. With this book as your guide, you'll be able to safely analyze, debug, and disassemble any malicious software that comes your way. You'll learn how to:Set up a safe virtual environment to analyze malwareQuickly extract network signatures and host-based indicatorsUse key analysis tools like IDA Pro, OllyDbg, and WinDbgOvercome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-v...
Investigating and Analyzing Malicious Code
Malware Forensics: Investigating and Analyzing Malicious Code covers the emerging and evolving field of "live forensics," where investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss "live forensics" on a particular operating system, or in a generic context, this book emphasizes a live forensics and evidence collection methodology on both Windows and Linux operating systems in the context of identifying and capturing malicious code and evidence of its effect on the compromised system. Malware Forensics: Investigating and Analyzing Malicious Code also devotes extensive coverage of the burgeoning forensic field of physic...
2007 - 2021 © eBooks-IT.org