At the September 2018 SecDSM meeting I gave a presentation titled “Amateur Malware Analysis.” Thank you to anyone who came and watched!
For anyone who didn’t make it or didn’t watch SecDSM’s live-stream, the summary for my presentation was:
Are you interested in reversing but don’t know where to start? Think reversing is beyond your means? This talk will try to make the topic of reversing more accessible and will focus on amateur malware analysis, including setting up your environment, free tools, and some demos.
Here are the slides I used for my presentation in case anyone wanted to reference them: SecDSM Malware Presentation Slides (from Sept 20, 2018).
The slides contain URLs to the tools I talked about in the presentation. They still seemed to be safe the last time I checked them (although some AV engines disagree for some of the tools). That being said, as with all open-source software and freeware that you download, you use them at your own risk. If you want to be really safe about it, you could simply download them inside the VM you plan to use for your malware analysis, and then only run them in your analysis VM. In fact, that is what I do. The same idea applies to any malware samples you download.
I really enjoy attending SecDSM. If you are interested, you can check them out at https://secdsm.org/.