Abstract
Today, malware threats are an important topic of security threat research. The combat between malware writers and malware researchers never ends. Malware writers use a variety of avoidance techniques, such as code obfuscation, packing, anti-debugging and anti-virtualization technologies, to foil researchers' analysis. Researchers, for their part, try to find techniques to defend IT information services from being accessed or stolen by unauthorized parties. Most researchers today perform malware analysis using virtualization technology in an isolated environment because of security issues. This study focuses on analysing malware using combined static and dynamic analysis in an operating system environment. Thus we focus on analysis of malware that uses the anti-virtualization avoidance technique. Although our platform environment is exposed to the threat posed by the malware samples, we protect it by using Toolwiz TimeFreeze and a Windows backup image. We took 20 samples of malware from different types for analysis in this environment. We prove that our environment is capable of malware analysis, and we compare our environment with the virtual machine environment to prove that our analysis is more accurate.
Metadata
Item Type: | Thesis (Masters) |
---|---|
Creators: | Salleh, Arifin (Email / ID Num.: 2010977033) |
Contributors: | Thesis advisor: Awang, Norkhusaini (Email / ID Num.: UNSPECIFIED) |
Subjects: | Q Science > QA Mathematics > Analysis |
Divisions: | Universiti Teknologi MARA, Shah Alam > Faculty of Computer and Mathematical Sciences |
Programme: | Master of Science in Computer Networking |
Keywords: | Malware, security threat, static and dynamic analysis |
Date: | 2013 |
URI: | https://ir.uitm.edu.my/id/eprint/107804 |