blog post about malware analysis

content/blog/2024-08-28-practical-malware-analysis.md

@@ -0,0 +1,12 @@
++++
+title = "I want to learn malware analysis (again)"
+[taxonomies]
+  tags = ['malware analysis']
++++
+
+The heading says it all: I *really* want to learn malware analysis. Ever since I finalized the [Practical Malware Analysis & Triage](https://academy.tcm-sec.com/p/practical-malware-analysis-triage) course by [TCM Security](https://academy.tcm-sec.com/), I was hooked. I 💚loved💚 the entire course, especially diving deep into binaries, (trying) reverse engineering, debugging. I went through all the material, did the labs and wrote up a report, a (very shallow) static and dynamic analysis of a WannaCry-sample. I found my niche (or so I thought...)
+
+## Rabbit holes
+
+One thing that bothered me throughout the course, was the lack of direction and stable ground when investigating and debugging binaries. I found myself stuck reverse engineering functions that were not user written code (C runtime for example). I got close to a particularly interesting part, stepping into and over functions, all to ultimately never reach that goal of finding a specific return value or determining a critical execution flow junction. So I thought to myself: what's the best way to learn how programs work, and flip them inside out? By building them myself! With that motivation, I dove deep back into Python 🐍, thinking, this will be a good starting ground to hop over to C 🖥️ later. But...I think I got stuck at the first step! 🛑 Over the last year, I got really hooked on programming. Some of the stuff I (partially) made:
+