did-you-know? rent-now

Rent More, Save More! Use code: ECRENTAL

did-you-know? rent-now

Rent More, Save More! Use code: ECRENTAL

5% off 1 book, 7% off 2 books, 10% off 3+ books

9781718503267

Evasive Malware Understanding Deceptive and Self-Defending Threats

by
  • ISBN13:

    9781718503267

  • ISBN10:

    1718503261

  • Format: Paperback
  • Copyright: 2024-09-10
  • Publisher: No Starch Press

Note: Supplemental materials are not guaranteed with Rental or Used book purchases.

Purchase Benefits

  • Free Shipping Icon Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • eCampus.com Logo Get Rewarded for Ordering Your Textbooks! Enroll Now
List Price: $59.99 Save up to $12.00
  • Rent Book $47.99
    Add to Cart Free Shipping Icon Free Shipping

    TERM
    PRICE
    DUE
    USUALLY SHIPS IN 2-3 BUSINESS DAYS
    *This item is part of an exclusive publisher rental program and requires an additional convenience fee. This fee will be reflected in the shopping cart.

How To: Textbook Rental

Looking to rent a book? Rent Evasive Malware Understanding Deceptive and Self-Defending Threats [ISBN: 9781718503267] for the semester, quarter, and short term or search our site for other textbooks by Cucci, Kyle. Renting a textbook can save you up to 90% from the cost of buying.

Summary

Get up to speed on state-of-the-art malware with this first-ever guide to analyzing malicious Windows software designed to actively avoid detection and forensic tools.

Dive into the fascinating and terrifying world of evasive malware—malicious software designed to avoid detection. The first of its kind, this thorough introduction is full of practical information, real-world examples, and cutting-edge techniques for discovering, reverse-engineering, and analyzing state-of-the-art malware. 

Beginning with foundational knowledge about malware analysis in the context of the Windows OS, you'll learn about the evasive maneuvers that malware programs use to determine whether they’re being analyzed and the tricks they employ to avoid detection. You'll explore the ways malware circumvents security controls, such as network or endpoint defense bypasses, anti-forensics techniques, and malware that deploys data and code obfuscation. At the end of the book, you'll build your very own anti-evasion analysis lab.

You’ll learn:
  • Modern evasive malware threats
  • Anti-analysis techniques used in malware
  • How malware bypasses and circumvents security controls
  • How malware uses victim targeting and profiling techniques
  • How malware uses anti-forensics and file-less techniques
  • How to perform malware analysis and reverse engineering on evasive programs

Author Biography

Kyle Cucci leads the threat analysis and forensics team at a large global financial institution, where he focuses on investigating and hunting the latest cybercrime and malware threats. He has over 15 years of experience in IT, serving various roles in malware research, threat intelligence, incident response, penetration testing, automotive security, and network administration. Kyle takes every opportunity to speak at security conferences and meet-up groups and has led international workshops in malware analysis, penetration testing, and security engineering. When not researching the latest threats, Kyle can be spotted in the wild spending time with his wife and sons or enjoying a good craft beer.

Table of Contents

Introduction

Part I: The Fundamentals
Chapter 1: Windows Foundational Concepts
Chapter 2: A Crash Course in Malware Triage and Behavioral Analysis
Chapter 3: A Crash Course in Static and Dynamic Code Analysis

Part II: Context Awareness and Sandbox Evasion
Chapter 4: Enumerating Operating System Artifacts
Chapter 5: User Environment and Interaction Detection
Chapter 6: Enumerating Hardware and Network Configurations
Chapter 7: Runtime Environment and Virtual Processor Anomalies
Chapter 8: Evading Sandboxes and Disrupting Analysis

Part III: Anti-reversing
Chapter 9: Anti-disassembly
Chapter 10: Anti-debugging
Chapter 11: Covert Code Execution and Misdirection

Part IV: Defense Evasion
Chapter 12: Process Injection, Manipulation, and Hooking
Chapter 13: Evading Network and Endpoint Defenses
Chapter 14: An Introduction to Rootkits
Chapter 15: Fileless Malware and Anti-forensics

Part V: Other Topics
Chapter 16: Encoding and Encryption
Chapter 17: Packers and Unpacking Malware
Chapter 18: Tips for Building an Anti-evasion Analysis Lab

Appendix A: Evasion-Related Windows API Functions
Appendix B: Windows LOLbins and Example Usage
Appendix C: Further Reading

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rewards Program