>_ Static Malware Analysis
Static malware analysis means reviewing the code or the structure of a malicious program. In static analysis, the malware is not running while it is being analyzed. In dynamic malware analysis, by contrast, the malware is running while engineers analyze it. Here we are going to discuss some useful techniques and tips about real-time malware: how we can identify it, its symptoms, and the impact of the malware on a system (Distler, 2007).
>_ Scan Malware in Antivirus
The simplest way to analyze malware is to scan it with multiple antivirus services. There are a ton of antivirus programs available, so your malware will surely be identified by at least some of them. Antivirus programs have thousands of malicious file signatures and patterns. They scan the file and, if its pattern matches an entry in their database, it is detected.
One major problem with this technique is that malware can be modified. Crackers/hackers write or modify malware code in such a way that it evades the antivirus. However, malware that evades one antivirus will not necessarily evade all the others; some of the other antivirus programs will detect it. It very rarely has the ability to evade all antivirus programs. That is why it is always useful to scan with more than one antivirus program. There are a few websites that have large collections of antivirus programs with their latest virus definitions. A suspicious file should be scanned with this kind of website. I recently downloaded malware from a forum and I am going to scan it on such a website. Before I scan that malware, I will list some sources:
- www.virustotal.com
- virusscan.jotti.org
- www.virscan.org
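To illustrate why a file that slips past one antivirus is usually still caught by another, here is an added example (not code from the original post) that models three scanners with different signature styles. The engine names, signatures and sample bytes are all constructed and harmless; real products use far richer detection logic.

```python
import hashlib

# Constructed, harmless byte strings standing in for a sample and a modified copy.
MARKER = b"\xde\xad\xbe\xef-marker-routine"        # hypothetical distinctive code bytes
ORIGINAL = b"MZ\x90\x00" + b"HEADER" + MARKER + b"\x00" * 16
VARIANT = ORIGINAL + b"\x01"                       # any change alters the whole-file hash


def sha256(data):
    return hashlib.sha256(data).hexdigest()


# Three hypothetical engines: one keys on whole-file hashes, one on a byte
# pattern inside the file, one only knows signatures for an unrelated family.
ENGINES = {
    "engine_hash": {"hashes": {sha256(ORIGINAL)}, "patterns": []},
    "engine_pattern": {"hashes": set(), "patterns": [MARKER]},
    "engine_other": {"hashes": set(), "patterns": [b"unrelated-family-string"]},
}


def scan(data, engine):
    """Return which kind of signature matched, or None if the file looks clean."""
    if sha256(data) in engine["hashes"]:
        return "hash"
    for pattern in engine["patterns"]:
        if pattern in data:
            return "pattern"
    return None


def multi_scan(data):
    """Run every engine over the same bytes, as a multi-scanner site does."""
    return {name: scan(data, engine) for name, engine in ENGINES.items()}


def detection_ratio(results):
    """Summarise results as (engines that flagged the file, engines consulted)."""
    return sum(1 for verdict in results.values() if verdict), len(results)


if __name__ == "__main__":
    for label, sample in (("original", ORIGINAL), ("variant", VARIANT)):
        results = multi_scan(sample)
        print(label, detection_ratio(results), results)
```

The modified copy drops from two detections to one, but it is not clean: a low detection ratio on a multi-scanner report still warrants treating the file as suspicious.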