[RP]: It Is All About Program Execution

Nice article about malware mechanisms and analysis:

It Is All About Program Execution: http://journeyintoir.blogspot.de/2014/01/it-is-all-about-program-execution.html 

[...]

[RP]: Finding Malware Like Iron Man

Nice presentation:

“Finding Malware Like Iron Man” by Corey Harrell

[PDF]: https://sites.google.com/site/journeyintoir/home/Finding_Malware_Like_Iron_Man-NYS-version.pdf?attredirects=0&d=1

[...]

[RP]: Extracting ZeroAccess from NTFS Extended Attributes

Just a quick link: Extracting ZeroAccess from NTFS Extended Attributes

[...]

[RP]: Hiding env./tools from malware

Just a quick repost of a nice article:

Hiding env./tools from malware a.k.a. fight fire with fire (but only inside VM)

[...]

[RP]: Malware Analysis Resources

Impressive list:

Malware Analysis Resources

[...]

Thug on REMnux (Walkthrough)

This blog post describes how to install Thug (see http://www.honeynet.org/node/827, https://github.com/buffer/thug) on a fresh copy of REMnux 3.0 (VMware version). You should be familiar with VMware and Debian-like OSes and have your favourite drugs (read: coffee) within reach …

[...]

[RP]: De-Obfuscating JavaScript

Here’s a nice article on SANS about de-obfuscating malware in IE:

The tale of obfuscated JavaScript continues

[...]

[RP]: Using Pastebin for Malicious Sample Collection

How to get samples for malware analysis:

http://dvlabs.tippingpoint.com/blog/2011/12/14/pastebin-malicious-samples-collection

[...]

[RP]: PDF Metadata Extraction – Multiple Files

Nice summary on analyzing PDF files:

http://forensicaliente.blogspot.com/2011/12/pdf-metadata-extraction-multiple-files.html

[...]