Malware analysis is the study or process of determining the functionality, origin and potential impact of a given malware sample such as a virus, worm, trojan horse, rootkit, or backdoor. Malware or malicious software is any computer software intended to harm the host operating system or to steal sensitive data from users, organizations or companies. Malware may include software that gathers user information without permission.
_q.jpg)
HINT:
Malware analysis in the context of Disassembler
A disassembler is a computer program that translates machine language into assembly language—the inverse operation to that of an assembler. The output of disassembly is typically formatted for human-readability rather than for input to an assembler, making disassemblers primarily a reverse-engineering tool. Common uses include analyzing the output of high-level programming language compilers and their optimizations, recovering source code when the original is lost, performing malware analysis, modifying software (such as binary patching), and software cracking.
A disassembler differs from a decompiler, which targets a high-level language rather than an assembly language. A fundamental method of software analysis is disassembly. Unlike decompilers, which make attempts at recreating high-level human readable structures using binaries, disassemblers are aimed at generating a symbolic assembly, meaning it's attempting to reconstruct the assembly closest to its executions. Disassembled code is hence normally more accurate but also lower level and less abstract than decompiled code and thus it can be much more easily analyzed.
View the full Wikipedia page for Disassembler