Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software

by Michael Sikorski & Andrew Honig

Practical Malware Analysis by Michael Sikorski and Andrew Honig is the standard textbook for learning malware reverse engineering. The book progresses from basic static analysis techniques (examining file headers, strings, imports) through dynamic analysis (running malware in controlled environments and monitoring behavior) to advanced reverse engineering with IDA Pro and OllyDbg. Each chapter introduces new concepts and techniques, with hands-on lab exercises using real malware samples. The book covers anti-analysis techniques that malware uses to evade detection and analysis, including anti-debugging, anti-VM, packing, and encryption. Advanced chapters cover shellcode analysis, C++ malware patterns, and 64-bit analysis. The methodical approach and excellent lab exercises have made it the go-to resource for training new malware analysts in both government and private sector organizations.