There are primarily two types of analysis techniques:
- Static Analysis
- Dynamic Analysis
Static Analysis
Static analysis is analyzing malware without running it. There are several tools and techniques for analyzing a malicious file, and because there are many types of malware, there is no hard and fast rule for how static analysis is applied. Static analysis of malware includes extracting strings from the malware, decoding it, reverse engineering it, and so on.
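String extraction, the first static step listed above, as an added example that is not from the original post: it pulls ASCII and UTF-16LE strings out of a byte buffer without executing it and groups the ones that look like URLs, IPv4 addresses or registry paths. The minimum length, the indicator patterns and the sample buffer are assumptions constructed for illustration.

```python
import re

MIN_LEN = 5  # assumed minimum run length; shorter runs are mostly noise

# Printable ASCII runs, and the same characters stored as UTF-16LE
# (each byte followed by 0x00), which is common in Windows binaries.
ASCII_RE = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)
UTF16_RE = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % MIN_LEN)

# Hypothetical triage patterns for strings an analyst usually reads first.
INDICATORS = {
    "url": re.compile(r"https?://[^\s\"'<>]+", re.I),
    "ipv4": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "registry": re.compile(r"\b(?:HKLM|HKCU|HKEY_[A-Z_]+)\\[^\s\"']+", re.I),
}

def extract_strings(data):
    """Return (offset, encoding, text) for every printable run in data."""
    found = []
    for m in ASCII_RE.finditer(data):
        found.append((m.start(), "ascii", m.group().decode("ascii")))
    for m in UTF16_RE.finditer(data):
        found.append((m.start(), "utf-16le", m.group().decode("utf-16le")))
    return sorted(found)

def triage(strings):
    """Group extracted strings by the indicator pattern they match."""
    hits = {name: [] for name in INDICATORS}
    for _offset, _enc, text in strings:
        for name, pattern in INDICATORS.items():
            hits[name].extend(pattern.findall(text))
    return hits

# Constructed sample buffer standing in for a file read with open(path, "rb").
SAMPLE = (
    b"MZ\x90\x00\x03\x00\x00\x00"
    b"http://example.test/gate.php\x00\x01\x02"
    + "HKCU\\Software\\Run\\updater".encode("utf-16le")
    + b"\x00\x00\xff\xfe192.0.2.10\x00"
)

if __name__ == "__main__":
    for offset, enc, text in extract_strings(SAMPLE):
        print(f"{offset:#06x} {enc:8} {text}")
    print(triage(extract_strings(SAMPLE)))
```

Packed or encoded samples yield few readable strings this way, which is where the decoding step mentioned above comes in.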
Dynamic Analysis
In dynamic analysis we actually run the malware and observe its behavior. We use debugging, hooking and logging techniques to analyze malware dynamically. To analyze malware dynamically we need an environment in which the malware cannot harm us, i.e. we run the malware in a sandbox environment. Some malware detects sandboxes and behaves accordingly. So when we run such malware on a live system, we have to be very careful about its consequences.