


If you plan to analyze malware on your own, you want to ensure you have your environment set up to protect yourself and your assets. This should be done in a closed environment within a virtual machine. Do some research on the best ways to isolate your environment. Avoid using bridged mode, as it leaves your network exposed. OllyDbg is meant to run on a Windows platform. If you are creating a virtual environment using Kali Linux instead of Windows, you will need to use Wine to run OllyDbg. This is important to note, as many researchers prefer using Kali Linux for analysis. It is also important to note that if you use a disassembler, you are expected to know assembly language. It will help tremendously in the evaluation of the code.

Debugging

Evaluating malware normally involves using multiple tools. OllyDbg is just a debugger, so before you begin, you may want to determine all the information you want to retrieve from the code. Other tools like Wireshark, a PE editor, IDA Pro and more may come in handy.

If you perform static analysis of malware code, the code is not actually executed. A dynamic analysis is an observation of the live code and gives a deeper picture of the functionality of the malware.
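As an added example that is not part of the original article, the following Python script shows one static-analysis step of the kind a PE editor automates: it reads the DOS header, COFF header and section table of a PE file without ever executing it, then flags sections that are both writable and executable or carry UPX packer-style names. The sample image bytes are constructed by hand for illustration (not real malware), and the `suspicious_sections` triage heuristic is an assumption of this example, not a rule from the article.

```python
import struct

IMAGE_SCN_MEM_EXECUTE = 0x20000000   # section characteristics flags (PE format)
IMAGE_SCN_MEM_WRITE = 0x80000000


def build_sample_pe() -> bytes:
    """Constructed, hand-built minimal PE image for illustration (not real malware)."""
    dos = bytearray(64)                       # IMAGE_DOS_HEADER is 64 bytes
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)     # e_lfanew: PE header directly after DOS header
    # IMAGE_FILE_HEADER: Machine (i386), NumberOfSections, TimeDateStamp,
    # PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader (0 here), Characteristics
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x014C, 2, 0, 0, 0, 0, 0x0102)

    def section(name, vsize, vaddr, flags):
        # IMAGE_SECTION_HEADER: Name, VirtualSize, VirtualAddress, SizeOfRawData,
        # PointerToRawData, reloc/linenumber pointers and counts, Characteristics
        return struct.pack("<8sIIIIIIHHI", name, vsize, vaddr, vsize, 0x400, 0, 0, 0, 0, flags)

    text = section(b".text", 0x1000, 0x1000, 0x60000020)  # CODE | EXECUTE | READ
    upx1 = section(b"UPX1", 0x3000, 0x2000, 0xE0000040)   # INIT_DATA | EXEC | READ | WRITE
    return bytes(dos) + coff + text + upx1


def parse_pe(data: bytes) -> dict:
    """Read the DOS stub, COFF header and section table; the file is never executed."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    sections, off = [], e_lfanew + 24 + opt_size     # 4-byte signature + 20-byte COFF header
    for _ in range(nsec):
        name, vsize, vaddr, *_rest, flags = struct.unpack_from("<8sIIIIIIHHI", data, off)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "vaddr": vaddr, "vsize": vsize, "flags": flags})
        off += 40
    return {"machine": machine, "characteristics": chars, "sections": sections}


def suspicious_sections(info: dict) -> list:
    """Triage heuristic (constructed): writable+executable sections or UPX-style names."""
    hits = []
    for s in info["sections"]:
        wx = s["flags"] & IMAGE_SCN_MEM_EXECUTE and s["flags"] & IMAGE_SCN_MEM_WRITE
        if wx or s["name"].upper().startswith("UPX"):
            hits.append(s["name"])
    return hits
```

Running `suspicious_sections(parse_pe(build_sample_pe()))` on the constructed image reports only `UPX1`; the same parser works on a real file read with `open(path, "rb").read()`, which is the point of static analysis: the bytes are inspected, never run.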
