Malware Analysis

Malicious software, or malware, is a general term used to describe a hostile application that is used to compromise the security of data or computer systems. It is often applied to computer viruses, worms, Trojan horses, key loggers, rootkits, adware, and any other type of unwanted software.

Nearly all malware attacks are accompanied by a loss or modification of your data.

It is no longer enough to identify the presence of malicious software and remove it from an infected system or network. Malware is forensic evidence of an attack, and analyzing it can answer:

  • How did the malware enter your network, and how can you close the holes so that the attack is not repeated?
  • What exactly did the attack do? This is vital in directing your response to make sure that you have completely recovered from the attack.
  • Who launched the attack? Were you a random victim, or is someone targeting your organization? Does the attack methodology indicate that the attacker had "inside knowledge"? Did the attacker leave clues to their identity in the source code of the malware itself?

Being able to analyze malware gives you control of a potentially harmful security incident – you have the initiative and the ability to reduce costs and damage to your network.

Service Description

When analyzing malware, DigitalDefence vulnerability researchers will:

  • Review your information security policy, standards, and practices regarding detecting, classifying, and responding to a security incident involving malware
  • Complete a structured root cause analysis of the malware’s attack
  • Conduct a static (code level) and behavioral analysis of the malware in a secure test environment
  • Completely document the procedures for removing the malware from the infected system or network
  • If necessary, create custom IDS / IPS rules for detecting attacks by novel malware
  • Provide technical training in recognizing and responding to malware attacks

If warranted by the investigation, DigitalDefence will prepare all findings for presentation in court to support litigation.