Earlier this year,
no starch press, sent SophosLabs an unrequested copy of the book
Practical Malware Analysis: The hands-On Guide to Dissecting Malicious Software with a letter saying
"If you do enjoy the book, I hope that you will consider posting a review ...". Well I enjoyed the book and so here is the review :)
Both authors, Michael Sikorsji and Andrew Honig, have impressive resumes (NSA, MIT and DoD) and list of reviewers looks impressive including: Sal Solfo (Columbia University) and Ilfak Guilfanov (IDA).
The book is well written and, like an academic textbook, each chapter ends with a series of questions and lab exercises. What is more, unlike text books, the teacher's answer copy is in the Appendix - it accounts for nearly *half* the book.
The book consists of 6 parts plus the Appendices:
- Part 1: Basic Analysis
- Part 2: Advanced Static Analysis
- Part 3: Advanced Dynamic Analysis
- Part 4: Malware Functionality
- Part 5: Anti-reverse-engineering
- Part 6: Special Topics
- Appendix A: Important Windows Functionality
- Appendix B: Tools for malware analysis
- Appendix C: Solutions to Labs
