In today’s blog we’re looking at TryHackMe’s latest room, Intro To Malware Analysis! In this walkthrough we talk about what malware is, how to start analyzing a sample, the difference between static and dynamic malware analysis, and some websites that are widely used to help you analyze malware. This is great information if you are interested in working in a SOC or on a Blue Team. Be sure to follow along in the video below!
We’re going to be using a REMnux VM (a Linux distribution built for reverse-engineering malware) and commands such as pecheck, md5sum, file, and strings to do some basic static analysis. We’ll also be checking out sites like VirusTotal and Hybrid Analysis to look at what is already known about some malware samples. For those who want to go a lot deeper than what this room covers, Practical Malware Analysis (Affiliate Link) is a great book (that I have at home) for learning more in-depth about the topic and toolsets. Also keep an eye out for future Malware Analysis rooms from TryHackMe!
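As an added example (this is not code from the TryHackMe room or from this post), the Python below does the same basic static triage the REMnux commands above do: hashing the file, checking the MZ and PE signatures, reading the COFF header and section table, computing per-section entropy, and pulling out printable strings. The PE image it analyzes is constructed inline and contains no real malware; the URL, command line and API name embedded in it are made up for illustration.

```python
"""Basic static triage of a PE file: hashes, header fields, section entropy
and printable strings. Added illustration, not code from the TryHackMe room;
the sample image is built in build_sample() and is not malware."""
import hashlib
import math
import re
import struct
from collections import Counter
from datetime import datetime, timezone

MACHINE_TYPES = {0x14C: "x86 (i386)", 0x8664: "x86-64", 0x1C0: "ARM", 0xAA64: "ARM64"}
IMAGE_FILE_DLL = 0x2000
# COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
# NumberOfSymbols, SizeOfOptionalHeader, Characteristics
COFF_FMT = "<HHIIIHH"
# Section header: Name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData,
# PointerToRelocations, PointerToLinenumbers, NumberOfRelocations, NumberOfLinenumbers, Characteristics
SECTION_FMT = "<8sIIIIIIHHI"


def build_sample() -> bytes:
    """Constructed toy PE image: DOS header, DOS stub, COFF header, two section
    headers and two 64-byte raw sections carrying the kind of strings an analyst
    would notice with `strings`. Made up for this example; not a real binary."""
    dos_header = b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x80)  # e_lfanew at 0x3C
    dos_stub = b"This program cannot be run in DOS mode.\r\n$".ljust(64, b"\x00")
    coff = struct.pack(COFF_FMT, 0x14C, 2, 1609459200, 0, 0, 0, 0x0102)

    def section(name, vaddr, rawptr, chars):
        return struct.pack(SECTION_FMT, name, 0x1000, vaddr, 0x40, rawptr, 0, 0, 0, 0, chars)

    headers = (dos_header + dos_stub + b"PE\x00\x00" + coff
               + section(b".text", 0x1000, 0x100, 0x60000020)
               + section(b".rdata", 0x2000, 0x140, 0x40000040))
    text = (b"\x55\x8b\xec" + b"CreateRemoteThread\x00").ljust(64, b"\x00")
    rdata = b"http://c2.example.invalid/beacon\x00cmd.exe /c whoami\x00".ljust(64, b"\x00")
    return headers.ljust(0x100, b"\x00") + text + rdata


def hashes(data: bytes) -> dict:
    """The md5sum/sha256sum step: values to look up on VirusTotal or Hybrid Analysis."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in ("md5", "sha1", "sha256")}


def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; packed or encrypted sections sit near 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def parse_pe(data: bytes) -> dict:
    """Walk the DOS header -> PE signature -> COFF header -> section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image: missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("PE signature not found at e_lfanew")
    machine, nsec, ts, _, _, opt_size, chars = struct.unpack_from(COFF_FMT, data, e_lfanew + 4)
    sec_off = e_lfanew + 4 + struct.calcsize(COFF_FMT) + opt_size
    sections = []
    for i in range(nsec):
        name, vsize, vaddr, rawsize, rawptr, *_, schars = struct.unpack_from(
            SECTION_FMT, data, sec_off + 40 * i)
        raw = data[rawptr:rawptr + rawsize]
        sections.append({"name": name.rstrip(b"\x00").decode("ascii", "replace"),
                         "virtual_address": vaddr, "virtual_size": vsize,
                         "raw_offset": rawptr, "raw_size": rawsize,
                         "characteristics": schars, "entropy": round(entropy(raw), 3)})
    return {
        "machine": MACHINE_TYPES.get(machine, hex(machine)),
        "number_of_sections": nsec,
        # Caveat: the compile timestamp is attacker-controlled and is often forged.
        "compile_time": datetime.fromtimestamp(ts, tz=timezone.utc).isoformat(),
        "is_dll": bool(chars & IMAGE_FILE_DLL),
        "sections": sections,
        "possibly_packed": [s["name"] for s in sections if s["entropy"] >= 7.0],
    }


def extract_strings(data: bytes, min_len: int = 4) -> list:
    """Equivalent of `strings`: printable ASCII runs, then UTF-16LE runs."""
    ascii_re = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    wide_re = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    found = [m.group().decode("ascii") for m in ascii_re.finditer(data)]
    found += [m.group().decode("utf-16le") for m in wide_re.finditer(data)]
    return found


def interesting_strings(strings: list) -> list:
    """Pick out what an analyst chases first: URLs, command lines, suspicious API names."""
    pattern = re.compile(r"https?://|\.exe\b|\.dll\b|^cmd|^powershell|Create|Write|Virtual", re.I)
    return [s for s in strings if pattern.search(s)]


def triage(data: bytes) -> dict:
    strs = extract_strings(data)
    return {"hashes": hashes(data), "pe": parse_pe(data),
            "strings": strs, "indicators": interesting_strings(strs)}


SAMPLE = build_sample()

if __name__ == "__main__":
    import json
    print(json.dumps(triage(SAMPLE), indent=2))
```

Two things worth noticing when you run this: the hashes are what you paste into VirusTotal, and the section entropy is a quick packer check, since a real .text section full of x86 code lands well below 7 bits per byte while a UPX-style packed section sits close to 8.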
Below I’m going to share with you my answers when going through the knowledge checks in the different tasks in the room. Definitely try to work through the problems as much as you can. In this particular room, there are a few tasks that don’t require you to answer any questions, so those tasks are omitted from the screenshots below. Make sure to follow along in the video so you understand what you need to do to get the answers below.
Intro To Malware Analysis Task 2 – Malware Analysis
Intro To Malware Analysis Task 3 – Techniques of malware analysis
Intro To Malware Analysis Task 4 – Basic Static Analysis
Intro To Malware Analysis Task 5 – The PE file Header
Intro To Malware Analysis Task 6 – Basic Dynamic Analysis
Intro To Malware Analysis Task 7 – Anti-analysis techniques
Intro To Malware Analysis Wrap Up
Keep an eye out as I continue to work through other TryHackMe rooms!
Practical Malware Analysis (Affiliate Link)
TryHackMe Intro To Malware Analysis room