Windows Malware Analysis Essentials

Paperback |English |1785281518 | 9781785281518

Overview
Master the fundamentals of malware analysis for the Windows platform and enhance your anti-malware skill set

About This Book

  • Set the baseline towards performing malware analysis on the Windows platform and how to use the tools required to deal with malware
  • Understand how to decipher x86 assembly code from source code inside your favourite development environment
  • A step-by-step based guide that reveals malware analysis from an industry insider and demystifies the process

Who This Book Is For

This book is best for someone who has prior experience with reverse engineering Windows executables and wants to specialize in malware analysis. The book presents the malware analysis thought process using a show-and-tell approach, and the examples included will give any analyst confidence in how to approach this task on their own the next time around.

What You Will Learn

  • Use the positional number system for a clear conception of Boolean algebra that applies to malware research purposes
  • Get introduced to static and dynamic analysis methodologies and build your own malware lab
  • Analyse destructive malware samples from the real world (ITW), from fingerprinting and static/dynamic analysis to the final debrief
  • Understand different modes of linking and how to compile your own libraries from assembly code and integrate the code in your final program
  • Get to know about the various emulators, debuggers and their features, and sandboxes, and set them up effectively depending on the required scenario
  • Deal with other malware vectors such as PDF and MS-Office based malware as well as scripts and shellcode

In Detail

Windows OS is the most used operating system in the world and hence is targeted by malware writers. There are strong ramifications if things go awry. Things will go wrong if they can, and hence we see a salvo of attacks that have continued to disrupt the normal scheme of things in our day to day lives.

This book will guide you on how to use essential tools such as debuggers, disassemblers, and sandboxes to dissect malware samples. It will expose their innards and then build a report of their indicators of compromise along with detection rule sets that will enable you to help contain the outbreak when faced with such a situation.

We will start with the basics of computing fundamentals such as number systems and Boolean algebra. Further, you'll learn about x86 assembly programming and its integration with high level languages such as C++. You'll understand how to decipher disassembly code obtained from the compiled source code and map it back to its original design goals.

By delving into end to end analysis with real-world malware samples to solidify your understanding, you'll sharpen your technique of handling destructive malware binaries and vector mechanisms. You will also be encouraged to consider analysis lab safety measures so that there is no infection in the process.

Finally, we'll have a rounded tour of various emulations, sandboxing, and debugging options so that you know what is at your disposal when you need a specific kind of weapon in order to nullify the malware.

Style and approach

An easy to follow, hands-on guide with descriptions and screenshots that will help you execute effective malicious software investigations and conjure up solutions creatively and confidently.
ISBN: 1785281518
ISBN13: 9781785281518
Author: Victor Marak
Publisher: Packt Publishing
Format: Paperback
PublicationDate: 2015-08-31
Language: English
PageCount: 330
Dimensions: 7.5 x 0.75 x 9.25 inches
Weight: 20.0 ounces

Books - New and Used

The following guidelines apply to books:

  • New: A brand-new copy with cover and original protective wrapping intact. Books with markings of any kind on the cover or pages, books marked as "Bargain" or "Remainder," or with any other labels attached, may not be listed as New condition.
  • Used - Good: All pages and cover are intact (including the dust cover, if applicable). Spine may show signs of wear. Pages may include limited notes and highlighting. May include "From the library of" labels. Shrink wrap, dust covers, or boxed set case may be missing. Item may be missing bundled media.
  • Used - Acceptable: All pages and the cover are intact, but shrink wrap, dust covers, or boxed set case may be missing. Pages may include limited notes, highlighting, or minor water damage but the text is readable. The dust cover may be missing. Pages may include limited notes and highlighting, but the text cannot be obscured or unreadable.

Note: Some electronic material access codes are valid only for one user. For this reason, used books, including books listed in the Used – Like New condition, may not come with functional electronic material access codes.

Shipping Fees

  • Stevens Books offers FREE SHIPPING everywhere in the United States for ALL non-book orders, and $3.99 for each book.
  • Packages are shipped from Monday to Friday.
  • No additional fees and charges.

Delivery Times

The usual time for processing an order is 24 hours (1 business day), but may vary depending on the availability of products ordered. This period excludes delivery times, which depend on your geographic location.

Estimated delivery times:

  • Standard Shipping: 5-8 business days
  • Expedited Shipping: 3-5 business days

Shipping method varies depending on what is being shipped.  

Tracking
All orders are shipped with a tracking number. Once your order has left our warehouse, a confirmation e-mail with a tracking number will be sent to you. You will be able to track your package at all times. 

Damaged Parcel
If your package has been delivered to a PO Box, please note that we are not responsible for any damage that may result (consequences of extreme temperatures, theft, etc.).

If you have any questions regarding shipping or want to know about the status of an order, please contact us or email support@stevensbooks.com.

You may return most items within 30 days of delivery for a full refund.

To be eligible for a return, your item must be unused and in the same condition that you received it. It must also be in the original packaging.

Several types of goods are exempt from being returned. Perishable goods such as food, flowers, newspapers or magazines cannot be returned. We also do not accept products that are intimate or sanitary goods, hazardous materials, or flammable liquids or gases.

Additional non-returnable items:

  • Gift cards
  • Downloadable software products
  • Some health and personal care items

To complete your return, we require a tracking number, which shows the items that you have already returned to us.

There are certain situations where only partial refunds are granted (if applicable):

  • Book with obvious signs of use
  • CD, DVD, VHS tape, software, video game, cassette tape, or vinyl record that has been opened
  • Any item that is not in its original condition, or is damaged or missing parts, for reasons not due to our error
  • Any item that is returned more than 30 days after delivery

Items returned to us as a result of our error will receive a full refund. Some returns may be subject to a restocking fee of 7% of the total item price; please contact a customer care team member to see if your return is subject. Returns that arrived on time and were as described are subject to a restocking fee.

Items returned to us that were not the result of our error, including items returned to us due to an invalid or incomplete address, will be refunded the original item price less our standard restocking fees.

If the item is returned to us for any of the following reasons, a 15% restocking fee will be applied to your refund total and you will be asked to pay for return shipping:

  • Item(s) no longer needed or wanted.
  • Item(s) returned to us due to an invalid or incomplete address.
  • Item(s) returned to us that were not a result of our error.

You should expect to receive your refund within four weeks of giving your package to the return shipper; however, in many cases you will receive a refund more quickly. This time period includes the transit time for us to receive your return from the shipper (5 to 10 business days), the time it takes us to process your return once we receive it (3 to 5 business days), and the time it takes your bank to process our refund request (5 to 10 business days).

If you need to return an item, please Contact Us with your order number and details about the product you would like to return. We will respond quickly with instructions for how to return items from your order.


Shipping Cost


We'll pay the return shipping costs if the return is a result of our error (you received an incorrect or defective item, etc.). In other cases, you will be responsible for paying for your own shipping costs for returning your item. Shipping costs are non-refundable. If you receive a refund, the cost of return shipping will be deducted from your refund.

Depending on where you live, the time it takes for your exchanged product to reach you may vary.

If you are shipping an item over $75, you should consider using a trackable shipping service or purchasing shipping insurance. We don’t guarantee that we will receive your returned item.

$80.64
Out of Stock