Joshua O. Berkoh
Malware Evasion Techniques-Malware Analysis Day 11/365
Malware authors mostly write their malware to evade detection. I learned that some malware behaves differently when they detect they are…
Feb 6

Joshua O. Berkoh
Static Analysis Continuation-Malware Analysis Day 10/365
In this blog, I am statically analyzing a second malware binary sample using Pestudio, Peview and upx packer.
Feb 1

Joshua O. Berkoh
Static Analysis Continuation-Malware Analysis Day 9/365
I worked on a malware sample on this blog, and we will be going through some of the observations I made with relevant screenshots. I am…
Jan 30

Joshua O. Berkoh
THE PE FILE HEADERS AND SECTION-Malware Analysis Day 8/365
PE headers can provide considerably more information than just imports. The .text section contains the instructions that the CPU executes…
Jan 22

Joshua O. Berkoh
Imported and Exported Functions-Malware Analysis Day 7/365
Imported Functions
Jan 18

Joshua O. Berkoh
Exploring Dynamically Linked Function -Malware Analysis Day 6/365
Executables can import functions by ordinal instead of name. When importing a function by ordinal, the name of a function never appears in…
Jan 16

Joshua O. Berkoh
Program Linking -Malware Analysis Day 5/365
Engineers link imports to their programs in order not to reimplement certain functionality in multiple programs. Knowing how a code is…
Jan 13

Joshua O. Berkoh
Packed Files-Malware Analysis Day 4/365
Recap: In my last blog, I stated the difference between packed malware and obfuscated malware, where I established that packed malware are…
Jan 12

Joshua O. Berkoh
Basic Static Analysis-Malware Analysis Day 3/365
As previously described, basic static analysis involves analyzing the code or structure of a program to determine its function. The…
Jan 11

Joshua O. Berkoh
Practical Malware Analysis-Day 2/365
In Day 2, I continued learning about the basics of malware and malware analysis.
Jan 9