Description

Get up to speed on state-of-the-art malware with this first-ever guide to analyzing malicious Windows software designed to actively avoid detection and forensic tools.

Dive into the fascinating and terrifying world of evasive malware—malicious software designed to avoid detection. The first of its kind, this thorough introduction is full of practical information, real-world examples, and cutting-edge techniques for discovering, reverse-engineering, and analyzing state-of-the-art malware. 

Beginning with foundational knowledge about malware analysis in the context of the Windows OS, you'll learn about the evasive maneuvers that malware programs use to determine whether they’re being analyzed and the tricks they employ to avoid detection. You'll explore the ways malware circumvents security controls, such as network or endpoint defense bypasses, anti-forensics techniques, and malware that deploys data and code obfuscation. At the end of the book, you'll build your very own anti-evasion analysis lab.

You’ll learn:

• Modern evasive malware threats
  
• Anti-analysis techniques used in malware
  
• How malware bypasses and circumvents security controls
  
• How malware uses victim targeting and profiling techniques
  
• How malware uses anti-forensics and file-less techniques
  
• How to perform malware analysis and reverse engineering on evasive programs
  

About the Author

Kyle Cucci has been hooked on computers since building a PC and buying a C++ book as a teenager. He has over 17 years of diverse experience in cyber- security and IT, and he is currently part of Proofpoint’s Threat Research team, with a day-to-day focus on hunting and reverse-engineering malware. Previously, Kyle led the malware research and forensic investigations team at a large global financial institution. Throughout his career, Kyle’s threat intelligence contributions and research have been featured in government intelligence reports and security tools and products. Kyle regularly speaks at security conferences and has led international trainings and workshops on topics such as malware analysis and security engineering. In his free time, Kyle enjoys contributing to the community via open source tooling and blogging, spending quiet time with his family, and brewing acceptably drinkable beer.