Welcome to Malware Musings.
I’m your host, Karl, and this is my blog for sharing thoughts and ideas about malware analysis, reverse engineering, and some of the things that malware gets up to when it thinks we’re not looking.
Thinking about reverse engineering malware and malware analysis can be a tad daunting. After all, it is a bit like finding a list of instructions such as:
- Keep taking a step forward until you get to the end of the path
- Turn left
- Take fifty steps forward
- Turn right
and working out that it is actually a list of instructions for popping down to the shop for some milk.
Fortunately, a number of people in the information security field have developed scripts, tools, and methodologies to help speed up the process of identifying malware, working out what it does, and helping to protect against it.
It is, however, a continuously changing field as information security professionals and malware authors continue to play a game of cat-and-mouse — the malware authors continually try to come up with new ways of spreading their malware, remaining undetected, and adding more malicious ‘features’; and the information security professionals continually try to come up with new and quicker ways of detecting malware and stopping it (that must be one of the first times I’ve used a semicolon when I’m not writing code).
This blog then, if nothing else, is intended to document my thoughts, discoveries, experiments, experiences, methodologies, and hopefully some of my own tools, advice, and methodologies, as I keep striving to improve my malware analysis skills (and my blogging skills. I hope it’s not going to take me this long to write every blog entry — I started just after breakfast and it’s now mid-afternoon!!).
So if, like myself, you sometimes find yourself lying awake at night thinking about some of the things that malware could get up to or trying to devise a method you could use to help automate malware analysis, or you are wanting to learn about malware analysis, then grab yourself a nice hot cuppa and a couple of dunking biscuits (this could take some time) and muse with me.
Alternatively, if you have more of a life and are here looking for information about malware because some innocent looking PDF file with cute pictures of fluffy kittens just wiped out half of your financial spreadsheets, then I’m hoping this blog will be able to help you out.