SIR M VISVESWARAYA INSTITUTE OF TECHNOLOGY
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
The Mini Project Review
On
“MALWARE ANALYSIS”
PRESENTED BY
NAKSHA R 1MV22IC028
RAMAKRISHNA K S 1MV22IC040
SATHVIK A R 1MV22IC045
SHASHANK K 1MV22IC047
UNDER THE GUIDANCE OF
Dr. Savita Choudhary, Assoc. Professor & Head, CSE(IOT), SIR MVIT
B Sumangala, Assistant Professor, CSE, SIR MVIT
CONTENTS
I. Introduction - Malware Analysis
II. Project Details
a. Problem Statement and Methodology
b. Objective and Scope
III. SRS (Software Requirements Specification)
a. Functional & Non-functional Requirements
b. Tool and Technology Used
IV. Outcome of the Project
Dept. of CSE(IOT), SIR MVIT 2
INTRODUCTION: MALWARE ANALYSIS
• Malware analysis is the study or process of determining the functionality, origin and potential impact of a given malware
sample such as a virus, worm, trojan horse, rootkit, or backdoor.
• Malware or malicious software is any computer software intended to harm the host operating system or to steal sensitive
data from users, organizations or companies.
• Malware also includes software that gathers user information without permission (spyware).
TYPES OF MALWARE:
1. Viruses: Attach to programs or files, replicate, and spread across a system.
2. Worms: Self-replicate and spread to other devices or systems over the network, without needing a host program or user action.
3. Trojans: Pretend to be harmless, but are actually malicious. They can open a back door that gives cybercriminals remote
control over a device.
4. Ransomware: Encrypts a device's data and holds it for ransom.
TYPES OF MALWARE ANALYSIS:
1. Static Malware Analysis: static or code analysis examines the sample (file properties, headers, strings, disassembled code) without
executing it.
2. Dynamic Malware Analysis: dynamic or behavioral analysis executes the suspected malicious code in an isolated environment
called a sandbox and records what it does (file, registry, process and network activity).
PROJECT DETAILS
PROBLEM STATEMENT AND METHODOLOGY
PROBLEM STATEMENT:
• Malware poses a significant threat to cybersecurity, as it can compromise systems, steal sensitive data, and disrupt operations.
Detecting, analyzing, and mitigating malware is increasingly challenging due to its evolving complexity and use of obfuscation
techniques. Effective malware analysis is crucial to prevent, identify, and respond to these malicious attacks efficiently.
METHODOLOGY:
1. Sample Acquisition: Securely obtain the malware sample from infected systems or suspicious files, ensuring a safe handling
environment to prevent accidental execution.
2. Static Analysis: Examine the malware without executing it by analyzing file properties, headers, and code structure using
disassemblers and signature scanners to identify known malware.
3. Dynamic Analysis: Execute the malware in a controlled sandbox environment to observe its behavior, including file system
changes, network activity, and process interactions in real-time.
4. Network Behavior Monitoring: Capture and analyze network traffic to detect communications with command-and-control
(C&C) servers and identify potential data exfiltration attempts.
5. Documentation and Reporting: Compile detailed findings from both static and dynamic analyses, documenting the malware’s
behavior, potential impact, and recommended mitigation strategies for future prevention.
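The following script is an added example of steps 1, 2 and 5 above (static triage of a sample and a report of the findings); it is not the project's code. It hashes the file, reads the PE header without running it, extracts printable strings, matches them against a few illustrative indicator patterns, and returns the findings as one report. The sample bytes are constructed inline as a minimal PE-shaped blob (not a real program), and the indicator patterns are assumptions standing in for a real signature set such as YARA rules.

```python
"""Static triage of a suspicious file: hashes, PE header fields, printable
strings and indicator matching, assembled into a report dict.

Added example for illustration only, not the project's code. The sample is a
constructed PE-shaped byte blob; the indicator patterns are illustrative.
"""
import hashlib
import re
import struct
from datetime import datetime, timezone


def build_sample() -> bytes:
    """Constructed input: a 64-byte DOS header whose e_lfanew points at a PE
    signature and COFF header, followed by a fake body with telltale strings."""
    dos = b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x80)   # e_lfanew at offset 60
    dos += b"\x00" * (0x80 - len(dos))
    # Machine, NumberOfSections, TimeDateStamp, PtrToSymTab, NumSymbols,
    # SizeOfOptionalHeader, Characteristics (0x22 = EXECUTABLE | LARGE_ADDRESS_AWARE)
    coff = b"PE\x00\x00" + struct.pack("<HHIIIHH", 0x8664, 3, 0x5F5E1000, 0, 0, 0xF0, 0x0022)
    body = (b"\x00" * 40
            + b"http://c2.example.invalid/gate.php\x00"
            + b"Software\\Microsoft\\Windows\\CurrentVersion\\Run\x00"
            + b"VirtualAllocEx\x00WriteProcessMemory\x00CreateRemoteThread\x00"
            + b"cmd.exe /c del %0\x00" + b"\x90" * 16)
    return dos + coff + body


def file_hashes(data: bytes) -> dict:
    """MD5/SHA-1/SHA-256 identify the sample in reports and threat-intel lookups."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256")}


def parse_pe_header(data: bytes) -> dict:
    """Read the DOS stub pointer and the COFF file header; nothing is executed."""
    if len(data) < 64 or data[:2] != b"MZ":
        return {"is_pe": False}
    e_lfanew = struct.unpack_from("<I", data, 60)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        return {"is_pe": False}
    machine, nsect, ts, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    return {
        "is_pe": True,
        "machine": {0x14C: "x86", 0x8664: "x64"}.get(machine, hex(machine)),
        "sections": nsect,
        "compile_time": datetime.fromtimestamp(ts, tz=timezone.utc).isoformat(),
        "is_dll": bool(chars & 0x2000),          # IMAGE_FILE_DLL
        "optional_header_size": opt_size,
    }


def printable_strings(data: bytes, min_len: int = 6) -> list:
    """ASCII runs of min_len or more characters: the cheapest static signal."""
    return [m.decode("ascii") for m in re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)]


# Illustrative indicator patterns (assumption: a real engine would use YARA rules).
INDICATORS = {
    "url": re.compile(r"https?://[^\s\"']+"),
    "run_key_persistence": re.compile(r"CurrentVersion\\Run"),
    "process_injection_api": re.compile(r"VirtualAllocEx|WriteProcessMemory|CreateRemoteThread"),
    "shell_command": re.compile(r"\bcmd\.exe\b|\bpowershell\b"),
}


def match_indicators(strings: list) -> dict:
    """Map each indicator name to the strings that triggered it."""
    hits = {}
    for s in strings:
        for name, pat in INDICATORS.items():
            if pat.search(s):
                hits.setdefault(name, []).append(s)
    return hits


def triage(data: bytes) -> dict:
    """Assemble the static findings into one report structure (step 5)."""
    strings = printable_strings(data)
    hits = match_indicators(strings)
    return {
        "hashes": file_hashes(data),
        "pe": parse_pe_header(data),
        "string_count": len(strings),
        "indicators": hits,
        # Crude severity: number of distinct indicator classes that fired.
        "suspicion_score": len(hits),
    }


if __name__ == "__main__":
    import json
    print(json.dumps(triage(build_sample()), indent=2))
```

Run it only on the isolated analysis host where the sample is stored (step 1): the script never executes the file, but copying a live sample onto a workstation to "just hash it" is how accidental infections happen. The hashes in the report are what you submit to threat-intelligence services and cite in the final write-up.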
PROJECT DETAILS
OBJECTIVE OF MALWARE ANALYSIS:
• The objective of performing malware analysis is to identify, understand, and mitigate malicious software by dissecting its
behavior and impact. This enables cybersecurity teams to detect threats, develop effective defense strategies, and prevent
future attacks. It also helps in improving incident response and enhancing overall system security.
SCOPE:
1. Identification of Malware Behavior: Analyze the actions, techniques, and propagation methods of malware to understand
its functionality and potential harm.
2. Threat Detection and Classification: Classify malware into categories (e.g., ransomware, trojans, worms) and detect both
known and unknown threats through behavioral and signature-based analysis.
3. Incident Response and Mitigation: Provide actionable insights to develop remediation strategies, contain infections, and
restore affected systems efficiently.
4. Improving Security Defenses: Use findings from malware analysis to strengthen security policies, enhance antivirus
signatures, and improve firewalls and intrusion detection systems.
5. Threat Intelligence Contribution: Add findings to global threat intelligence feeds and databases, enabling organizations
to anticipate and defend against future malware attacks.
SRS (Software Requirements Specification)
FUNCTIONAL REQUIREMENTS:
1. Sample Management: Upload, categorize, and manage multiple malware samples, including tagging and version
control.
2. Static Analysis: Analyze file properties, headers, and perform signature-based scanning to identify known malware.
3. Dynamic Analysis: Execute malware in a secure sandbox environment and monitor real-time behavior, including file
modifications and network activity.
4. Reporting: Generate detailed analysis reports summarizing findings, potential impacts, and recommended remediation
steps; allow exporting in various formats.
NON-FUNCTIONAL REQUIREMENTS:
1. Performance: The tool should efficiently process multiple malware samples simultaneously with minimal latency and
quick response times during analysis.
2. Security: Ensure isolation of the execution environment to prevent contamination and encrypt stored data to protect
sensitive information.
3. Usability: Provide an intuitive, user-friendly interface with accessible help resources and documentation for users of
varying expertise.
4. Compatibility: Support multiple operating systems (Windows, Linux) and ensure integration capabilities with existing
cybersecurity tools and frameworks.
SRS (Software Requirements Specification)
TOOL USED FOR MALWARE ANALYSIS:
• Malware analysis tools let us learn quickly and reliably what actions a threat performs on the system.
• With them, you can collect information about the files it creates, the network connections it opens, the changes it makes
to the registry, and so on.
• Many tools are available that approach this from different angles: Fiddler and Wireshark capture and decode network
traffic, Process Monitor and Process Hacker watch process, file and registry activity, and Autoruns lists the persistence
locations (Run keys, services, scheduled tasks) that malware commonly uses to survive a reboot.
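As an added example of step 4 of the methodology (network behavior monitoring) applied to what the tools above collect, the script below looks for command-and-control beaconing: a process that contacts the same destination at a near-constant interval. This is not the project's code. SAMPLE_LOG is constructed to resemble a CSV table of per-process connections of the kind one assembles from Wireshark and Process Monitor output; its column layout and the thresholds are assumptions.

```python
"""Detect C2 beaconing in the network activity recorded during a sandbox run.
A process that contacts one destination at regular, low-jitter intervals is the
classic command-and-control tell, whatever port it uses.

Added example, not the project's code. SAMPLE_LOG is a constructed capture
(seconds since run start, process, destination IP, destination port).
"""
import csv
import io
import statistics
from collections import defaultdict

SAMPLE_LOG = """\
ts,process,dst,dport
1.0,explorer.exe,203.0.113.7,443
3.2,updater.exe,198.51.100.23,8080
8.4,explorer.exe,203.0.113.9,80
63.1,updater.exe,198.51.100.23,8080
123.3,updater.exe,198.51.100.23,8080
183.0,updater.exe,198.51.100.23,8080
243.4,updater.exe,198.51.100.23,8080
250.0,explorer.exe,203.0.113.7,443
303.2,updater.exe,198.51.100.23,8080
"""


def parse_connections(log_text: str) -> list:
    """Parse the CSV capture into (timestamp, process, dst, port) tuples, time-ordered."""
    rows = []
    for row in csv.DictReader(io.StringIO(log_text)):
        rows.append((float(row["ts"]), row["process"], row["dst"], int(row["dport"])))
    return sorted(rows)


def detect_beacons(log_text: str, min_connections: int = 4, max_jitter: float = 0.2) -> list:
    """Group connections by (process, dst, port) and flag groups whose
    inter-connection gaps are regular: at least min_connections contacts and a
    coefficient of variation (stdev / mean gap) of at most max_jitter."""
    by_flow = defaultdict(list)
    for ts, proc, dst, port in parse_connections(log_text):
        by_flow[(proc, dst, port)].append(ts)

    findings = []
    for (proc, dst, port), times in by_flow.items():
        if len(times) < min_connections:
            continue
        gaps = [b - a for a, b in zip(times, times[1:])]
        period = statistics.mean(gaps)
        jitter = statistics.pstdev(gaps) / period if period > 0 else float("inf")
        if jitter <= max_jitter:
            findings.append({
                "process": proc,
                "dst": dst,
                "dport": port,
                "count": len(times),
                "period_s": round(period, 1),
                "jitter": round(jitter, 3),
            })
    # Most regular flows first.
    return sorted(findings, key=lambda f: f["jitter"])


if __name__ == "__main__":
    for f in detect_beacons(SAMPLE_LOG):
        print(f"possible C2 beacon: {f['process']} -> {f['dst']}:{f['dport']} "
              f"every ~{f['period_s']}s ({f['count']} contacts, jitter {f['jitter']})")
```

In the constructed capture only updater.exe is flagged: it calls 198.51.100.23:8080 every 60 seconds with almost no jitter, while explorer.exe's two unrelated connections never reach the minimum count. Real implants add random sleep jitter precisely to defeat this check, so treat a high max_jitter as a trade-off between missed beacons and false positives from legitimate pollers such as update clients.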
Outcome Of The Project
• The outcome of a malware analysis project is a thorough identification of malware types, behaviors, and infection
mechanisms, providing a detailed understanding of the threat.
• This enables the implementation of enhanced security measures, such as updated antivirus definitions, improved
firewalls, and more effective intrusion detection systems.
• Additionally, the project results in the development of tailored incident response plans, guiding how to contain,
eliminate, and recover from malware attacks swiftly.
• By contributing findings to global threat intelligence networks, the analysis helps other organizations better anticipate
and defend against similar threats.
• Ultimately, the project strengthens organizational resilience, improving security policies, employee awareness, and
system defenses to reduce vulnerabilities and enhance future preparedness against cyber threats.
THANK YOU