Top

Published in:

2024 | OriginalPaper | Chapter

21. Malware Analysis

Authors : Joakim Kävrestad, Marcus Birath, Nathan Clarke

Published in: Fundamentals of Digital Forensics

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The chapter 'Malware Analysis' focuses on the essential techniques for detecting malware through memory analysis. It begins by explaining the basics of understanding normal computer operations to identify anomalies indicative of malware. Key tools discussed include Volatility 2.6 and Redline, which are used to detect suspicious processes and network activities. The chapter provides step-by-step demonstrations using a memory sample infected with the Trojan horse SpyEye, showcasing how to use Volatility modules like pslist, psscan, and malfind to uncover hidden processes and malicious code. Additionally, the chapter introduces Redline, a graphical memory analysis tool by FireEye, highlighting its capabilities in data collection, analysis, and Indicator of Compromise (IOC) analysis. Throughout the chapter, readers are guided through practical techniques to identify and analyze malicious activities, making it an invaluable resource for cybersecurity professionals.

AI Generated

This summary of the content was generated with the help of AI.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Business + Economics & Engineering + Technology"

Online-Abonnement

Springer Professional "Business + Economics & Engineering + Technology" gives you access to:

more than 102.000 books
more than 537 journals

from the following subject areas:

Automotive
Construction + Real Estate
Business IT + Informatics
Electrical Engineering + Electronics
Energy + Sustainability
Finance + Banking
Management + Leadership
Marketing + Sales
Mechanical Engineering + Materials
Insurance + Risk

Secure your knowledge advantage now!

inform now

Springer Professional "Engineering + Technology"

Online-Abonnement

Springer Professional "Engineering + Technology" gives you access to:

more than 67.000 books
more than 390 journals

from the following specialised fileds:

Automotive
Business IT + Informatics
Construction + Real Estate
Electrical Engineering + Electronics
Energy + Sustainability
Mechanical Engineering + Materials

Secure your knowledge advantage now!

inform now

Springer Professional "Business + Economics"

Online-Abonnement

Springer Professional "Business + Economics" gives you access to:

more than 67.000 books
more than 340 journals

from the following specialised fileds:

Construction + Real Estate
Business IT + Informatics
Finance + Banking
Management + Leadership
Marketing + Sales
Insurance + Risk

Secure your knowledge advantage now!

inform now

previous chapter Memory Analysis in Criminal Investigations

next chapter Challenges and Opportunities

This content is only visible if you are logged in and have the appropriate permissions.

Title: Malware Analysis
Authors: Joakim Kävrestad
Marcus Birath
Nathan Clarke
Publisher: Springer International Publishing
Book: Fundamentals of Digital Forensics
Print ISBN: 978-3-031-53648-9

Electronic ISBN: 978-3-031-53649-6

Copyright Year: 2024
DOI: https://doi.org/10.1007/978-3-031-53649-6_21

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Business + Economics & Engineering + Technology"

Springer Professional "Engineering + Technology"

Springer Professional "Business + Economics"