Monday, 22 April 2013

Static and Dynamic Analysis

Malware Analysis can be broadly divided into two categories:
· Static Analysis
· Dynamic Analysis

Static Analysis

It’s a malware analysis technique in which malware sample is not run it is analyzed statically using tools such as Sting viewer, Dis-assemblers, PE format viewers, etc. It is safer than dynamic analysis as sample is not executed so there is no chance of infecting the machine but it is slower process and requires much experience to do it properly. And if binary is packed it is not possible to analyze it without unpacking.

It can be further divided into two categories:
· Basic Static analysis
· Advanced Static Analysis

Saturday, 20 April 2013

Malware Categories

Malware types
I will describe various malware types here briefly. I won’t go into much detail here I will explain each type in detail when we will analyze that. Let me clear one thing first today’s malware cannot be strictly categorized in one category as they have characteristics of more than one type. Malware is usually categorized based its capabilities and modern malware is hybrid malware that is designed to do multiple functions such as stealing data, providing backdoor access, infecting files, etc. The categories are merely created for classifying malware its not mandatory to spend much time on categorizing malware it’s just for convenience.
There are many categories of malware but I will cover only the popular and common one’s.
So don’t wasting time here are various types of malware:

Trojan

Trojan or Trojan horse name came from ancient Greek history, Trojan horse allowed an army to sneak into highly guarded gate.