This room provided an introduction to the process of malware analysis. I learned about static and dynamic analysis, and how to safely examine malware samples in a controlled environment. The focus was on understanding the behavior of malware and the clues it leaves behind.
Completing this room gave me a better appreciation of the analyst’s role in identifying what a piece of malware does and how it might be stopped. It connected directly to DFIR by showing how malware analysis supports investigations and incident response.
