May 17, 2021

What’s the process for analyzing malware?

I found an old laptop with Windows 10 and discovered a virus on it. What’s the process of analyzing a malicious executable?
Do I boot off of a live Linux USB, mount the drive and reverse engineer the exe?
Do I copy the executable to a Windows VM, install RE software like IDA and analyze it there?
Or do I just download the RE software directly on to the infected machine and analyze it in its home environment?

In general, what’s the procedure for a cyber forensics expert that’s just been given an infected machine? I’m well versed in software engineering, but completely new to cyber forensics and not really sure how to structure a Google search for this.

Thanks in advance for any direction.
