Static Analysis Introduction
This lecture introduces some basic utilities for performing static analysis on a malware sample.
We begin by discussing file structures, and proceed to discuss the structural characteristics of the following open-source-defined file formats:
Furthermore, we go on to describe some models that we will use to describe data structures as the course goes on. The following page describes the Backus-Naur Form that we discussed in class. This should be familiar to many of you from Automata or Compiler Theory classes:
We then discuss Structured vs. Unstructured data and the technique of data extraction (or, sometimes, feature extraction).
Following that, we proceed to demonstrate the use of the following utilities in REMnux that provide this capability:
Slides: lecture-w04-1.pdf (PDF)