Question Regarding Analysis

[Piholasimam]

Hello all,
I am new here. I came because I am fascinated by cyber security and hope to work in the field. I was wondering if anybody could give me some advice based on my level of experience and potentially (if it is advisable) start dissecting a sample I happened upon in the wild. So in no particular order I will list some of my strengths in the hope that anyone reading can guide me further...

• Good foundation in programming, primarily java, but also have worked with C++ and python.
• Knowledge of data structures.(Stacks, Queues, Heaps, Trees);
• Knowledge of computer architecture. Hardware, and other design principles.
• Good foundation in IA32 assembly, though admittedly still room to grow.
• Worked with databases and webdesign. Familiar with some aspects of networking.
• Understanding of Binary, Octal, and Hex.
• General understanding in compilers and the differences between compiled and interpreted.

There is probably some things I've left out. But off the top of my head these is some of the experience I have that could put me at some small advantage over being a straight beginner. I have had exposure to IDA pro, though I am certain my understanding of it is only the tip of a very large iceberg.

Anyways, I appreciate any help, advise, guidance anyone can offer me.

Respectfully,
Pi

 

[Deleted member 65228]

Go for it mate, and don't let anyone tell you not go do so because sometimes you have to just jump right in and learn from practice. If you don't jump into it all now then you'll be telling yourself "I'll start tomorrow" every-day for the rest of your life and then it'll be too late.



You may be interested in studying C#.NET/VB.NET if you're interested in decompilation for MSIL samples though. A lot of malware is based on the .NET Framework... Some are packed/obfuscated as well, but studying how that works will help you defeat it anyway.

Heads up, you will never stop learning in this field. You can never ever reach 100% knowledge of even close. Topics you study you will learn 2x more in after months or even years through new findings, challenges will help strengthen your mind but eventually you'll face and even trickier challenge, and things evolve ever so quickly

 

[Piholasimam]

Very well. As I said there is something interesting I happened upon in the wild. I can describe in detail how it behaves. I have analyzed it with IDA and found some interesting things. I can provide some links to some of the stuff I have found, if anybody is interested..

 

[WinXPert]

Start playing with malwares and be observant with how each one behaves

 

[Piholasimam]

I was having a look at this VirusTotal

Very interesting in the way it behaves and I have reason to believe its how I ended up with Trojan:VBS/Mutuodo.A which there is little info on.

 

[WinXPert]

Very well. As I said there is something interesting I happened upon in the wild. I can describe in detail how it behaves. I have analyzed it with IDA and found some interesting things. I can provide some links to some of the stuff I have found, if anybody is interested..

Count me in

 

[Piholasimam]

Count me in

ok I wanted to verify the proper way to share the sample. I've got it in a 7zip archive..