Question Regarding Analysis

Piholasimam

Level 1
Thread author
Verified
Jan 19, 2018
17
Hello all,
I am new here. I came because I am fascinated by cyber security and hope to work in the field. I was wondering if anybody could give me some advice based on my level of experience and potentially (if it is advisable) start dissecting a sample I happened upon in the wild. So in no particular order I will list some of my strengths in the hope that anyone reading can guide me further...

  • Good foundation in programming, primarily Java, but also have worked with C++ and Python.
  • Knowledge of data structures (stacks, queues, heaps, trees).
  • Knowledge of computer architecture. Hardware, and other design principles.
  • Good foundation in IA32 assembly, though admittedly still room to grow.
  • Worked with databases and web design. Familiar with some aspects of networking.
  • Understanding of Binary, Octal, and Hex.
  • General understanding in compilers and the differences between compiled and interpreted.
There are probably some things I've left out. But off the top of my head, these are some of the experience I have that could put me at some small advantage over being a straight beginner. I have had exposure to IDA Pro, though I am certain my understanding of it is only the tip of a very large iceberg.

Anyways, I appreciate any help, advice, or guidance anyone can offer me.

Respectfully,
Pi
 
Deleted member 65228

Go for it mate, and don't let anyone tell you not to do so, because sometimes you have to just jump right in and learn from practice. If you don't jump into it all now then you'll be telling yourself "I'll start tomorrow" every day for the rest of your life and then it'll be too late.



You may be interested in studying C#.NET/VB.NET if you're interested in decompilation for MSIL samples though. A lot of malware is based on the .NET Framework... Some are packed/obfuscated as well, but studying how that works will help you defeat it anyway.

Heads up, you will never stop learning in this field. You can never ever reach 100% knowledge or even close. Topics you study you will learn 2x more in after months or even years through new findings, challenges will help strengthen your mind but eventually you'll face an even trickier challenge, and things evolve ever so quickly :)
 

Piholasimam

Very well. As I said, there is something interesting I happened upon in the wild. I can describe in detail how it behaves. I have analyzed it with IDA and found some interesting things. I can provide some links to some of the stuff I have found, if anybody is interested.
 

WinXPert

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Jan 9, 2013
1,457
Start playing with malware and be observant of how each one behaves.
 

Piholasimam

I was having a look at this VirusTotal

Very interesting in the way it behaves and I have reason to believe it's how I ended up with Trojan:VBS/Mutuodo.A, which there is little info on.
 

WinXPert

Very well. As I said there is something interesting I happened upon in the wild. I can describe in detail how it behaves. I have analyzed it with IDA and found some interesting things. I can provide some links to some of the stuff I have found, if anybody is interested..

Count me in
 
