Notes on techniques for determining the functionality, origin and potential impact of a given malware sample such as a virus, worm, trojan horse, rootkit, or backdoor. Real understanding comes from analysing and reverse engineering the malware. Malware is often the foundation of an attack.


Understanding how a piece of malware got past defences and what it was designed to do once inside an environment can expose behaviour and artifacts that can be used to respond to it properly; to develop better defences against it; to understand how it varies from other malware; to find similar activity; …