Analyzing malware helps you understand the overall threat landscape. The next best thing to reverse-engineering malicious programs yourself is learning from other analysts’ reports.

Here are several excellent write-ups, authored by different researchers, which describe several types of malicious software:

• Murofet exhibits file infection and password stealing abilities. Marco Giuliani at Prevx provided insightful analysis of this specimen.
• Avzhan is a growing family of DDoS bots. Jeff Edwards at Arbor Networks offered a comprehensive overview of this family of malware.
• Visal is an email worm that spreads links to malicious Windows executable files. It was thoroughly examined by SecureWorks.
• “The Hottest girls on Facebook" worm uses clickjacking and social engineering to propagate. It was researched by Krzysztof Kotowicz. George Deglin examined another example of a Facebook worm.
• A malicious PDF file can split JavaScript across several objects. An example of this technique was documented by Tamas Rudnai at Websense.
• Attacks often combine a malicious PDF file with a Windows executable. One such incident was analyzed by Curt Wilson.

I periodically post interesting malware analysis reports from across the web on the Reverse-Engineering Malware Course page on Facebook.

If you’d like to improve your own malware report-writing skills, take a look at my earlier note What to Include in a Malware Analysis Report, which includes a mind-map template.

— Lenny Zeltser