In this course, you will learn how to analyze a virus, not how to create one. You will see source code, but only the key snippets that make this virus infect and spread. Inspecting that source code lets you make sense of what you see inside Windows Performance Analyzer (WPA) later in the course. Being familiar with the Windows APIs that are called during a virus's infection operations provides great insight into how a virus spreads.
- [Instructor] In this course we analyze a virus; we do not create one. You are shown a demo of the virus and the detection rate when we upload it to virustotal.com, which is a site that keeps an updated database of all antivirus programs in existence. We go over the source code of the virus in order to see how it uses C functions and Windows APIs to infect files. This is done so that we can correlate the functions and Windows APIs we see in the source code to those that are shown to us inside the Windows Performance Analyzer later on in the course.