Types and categories of malware analysis
There are a considerable number of tools that can be used for malware analysis, so to better understand them, let's start by describing the three types (actually, two) of malware analysis tools.
Static malware analysis
This type of analysis reviews the code to identify potential indicators of a threat. Those indicators can be hashes, IP addresses, code signatures, code patterns, strings, functions, and so on.
The main characteristic of this analysis is that it does not execute the code, and while this is an advantage in terms of resources, the scope is also limited because it will not fully test the impact and actions executed by the malware.
Another downside is that sophisticated malware may include advanced features designed to bypass static analysis.
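The following Python sketch is an added example, not code from the original text. It collects the indicator types listed above (hash, strings, IP addresses, function names) from raw bytes without executing them, then repeats the pass on an encoded copy to show how obfuscation hides them. The sample bytes, the watchlist, and the names static_triage and extract_strings are assumptions made for illustration.

```python
import hashlib
import re

ASCII_RUN = re.compile(rb"[\x20-\x7e]{5,}")            # narrow strings
WIDE_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){5,}")     # UTF-16LE strings
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
# Constructed watchlist of Windows API names an analyst might flag.
WATCHLIST = ("VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread")


def extract_strings(data: bytes) -> list[str]:
    """Printable runs of 5+ characters, ASCII first, then UTF-16LE."""
    found = [m.group().decode("ascii") for m in ASCII_RUN.finditer(data)]
    found += [m.group().decode("utf-16-le") for m in WIDE_RUN.finditer(data)]
    return found


def static_triage(data: bytes) -> dict:
    """Collect static indicators from raw bytes; the bytes are never executed."""
    strings = extract_strings(data)
    ips = sorted({
        ip for s in strings for ip in IPV4.findall(s)
        if all(int(octet) <= 255 for octet in ip.split("."))  # drop 999.1.1.1
    })
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "strings": strings,
        "ipv4": ips,
        "functions": [w for w in WATCHLIST if any(w in s for s in strings)],
    }


# Constructed sample: inert bytes standing in for a file read from disk.
SAMPLE = (b"\x00\x01\x02" + b"connect 192.0.2.10\x00" + b"\x7f\x80"
          + "VirtualAllocEx".encode("utf-16-le") + b"\x00\x00"
          + b"version 999.1.1.1\x00")
# Same bytes under a single-byte XOR, a simple stand-in for obfuscation.
ENCODED = bytes(b ^ 0x5A for b in SAMPLE)

if __name__ == "__main__":
    for label, blob in (("plain", SAMPLE), ("encoded", ENCODED)):
        report = static_triage(blob)
        print(label, report["sha256"][:16], report["ipv4"], report["functions"])
```

On the plain sample the pass recovers one IP address and one watched function name; on the encoded copy the hash changes and both lists come back empty, which is the limitation described above.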
Dynamic malware analysis
This type of testing requires more resources in terms of skilled professionals, but also in terms of technology because...