Accelerated Windows Malware Analysis with Memory Dumps: Training Course Transcript and WinDbg Practice Exercises, Second Edition

Paperback

Price: $135.00 (original price $150.00; save 10%)

Product Details

ISBN-13: 9781908043863
Publisher: Opentask
Publication date: 10/02/2017
Pages: 316
Product dimensions: 8.50(w) x 11.00(h) x 0.82(d)

Table of Contents

About the Author

Introduction

Practice Exercises

Exercise 0: Download, setup and verify your WinDbg installation

Exercise M1A

Exercise M1B

Exercise M2

Exercise M3

Exercise M4

Exercise M5

Exercise M6

Selected Q&A

Appendix

Malware Analysis Patterns

Deviant Module

Deviant Token

Driver Device Collection

Execution Residue

Fake Module

Hidden Module

Hidden Process

Hooksware

Namespace

No Component Symbols

Out-of-Module Pointer

Packed Code

Patched Code

Pre-Obfuscation Residue

Raw Pointer

RIP Stack Trace

Self-Diagnosis (Kernel Mode)

Stack Trace Collection

Stack Trace Collection (I/O Requests)

String Hint

Unknown Module

Raw Stack Dump of All Threads (Kernel Space)

Complete Stack Traces from x64 System
