Regardless of your background or experience with malware analysis, you’ll find something useful in this book.
Chapter 1 through Chapter 3 discuss basic malware analysis techniques that even those with no security or programming experience will be able to use to perform malware triage. Chapter 4 through Chapter 14 cover more intermediate material that will arm you with the major tools and skills needed to analyze most malicious programs. These chapters do require some knowledge of programming. The more advanced material in Chapter 15 through Chapter 19 will be useful even for seasoned malware analysts because it covers strategies and techniques for analyzing even the most sophisticated malicious programs, such as programs utilizing anti-disassembly, anti-debugging, or packing techniques.
This book will teach you how and when to use various malware analysis techniques. Understanding when to use a particular technique can be as important as knowing the technique, because using the wrong technique in the wrong situation can be a frustrating waste of time. We don’t cover every tool, because tools change all the time and it’s the core skills that are important. Also, we use realistic malware samples throughout the book (which you can download from http://www.practicalmalwareanalysis.com/ or http://www.nostarch.com/malware.htm) to expose you to the types of things that you’ll see when analyzing real-world malware.