Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Mastering Malware Analysis
  • Toc
  • feedback
Mastering Malware Analysis

Mastering Malware Analysis

By : Alexey Kleymenov, Amr Thabet
4.5 (10)
close
Mastering Malware Analysis

Mastering Malware Analysis

4.5 (10)
By: Alexey Kleymenov, Amr Thabet

Overview of this book

With the ever-growing proliferation of technology, the risk of encountering malicious code or malware has also increased. Malware analysis has become one of the most trending topics in businesses in recent years due to multiple prominent ransomware attacks. Mastering Malware Analysis explains the universal patterns behind different malicious software types and how to analyze them using a variety of approaches. You will learn how to examine malware code and determine the damage it can possibly cause to your systems to ensure that it won't propagate any further. Moving forward, you will cover all aspects of malware analysis for the Windows platform in detail. Next, you will get to grips with obfuscation and anti-disassembly, anti-debugging, as well as anti-virtual machine techniques. This book will help you deal with modern cross-platform malware. Throughout the course of this book, you will explore real-world examples of static and dynamic malware analysis, unpacking and decrypting, and rootkit detection. Finally, this book will help you strengthen your defenses and prevent malware breaches for IoT devices and mobile platforms. By the end of this book, you will have learned to effectively analyze, investigate, and build innovative solutions to handle any malware incidents.
Table of Contents (18 chapters)
close
Free Chapter
1
Section 1: Fundamental Theory
3
Section 2: Diving Deep into Windows Malware
5
Unpacking, Decryption, and Deobfuscation
9
Section 3: Examining Cross-Platform Malware
13
Section 4: Looking into IoT and Other Platforms

Pushing into stack instructions

There are many instructions for storing values or IDs into the stack. These can be accessed later for an operation or stored in another variable. Here are most of them:

ldc Loads a constant into the stack (ldc.i4 10: pushes an int32 value of 10 into the stack)
ldfld Loads a field of an object into a stack given its ID (takes 2 bytes for an ID or uses ldfld.s for 1 byte ID)
ldsflda Loads the address or the reference to a field into the stack (the object reference has to be in the stack already)
ldobj Loads an object into the stack
ldelem Loads an element of an array into the stack given its index (ldelem.s for short)
ldelema Loads the address of an element of an array into the stack
ldarg Loads an argument of a method into the stack given the argument number or ID
ldstr Loads a string from metadata (#US) into the stack given its ID
ldnull Pushes a null value into the stack
ldloc Loads a local variable into the stack given its ID (ldloc...
bookmark search playlist download font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete