This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
Topic 2.2 of Fundamentals of Malware Analysis
Cryptographic hashing as the first step of malware triage — MD5 vs SHA-256, fuzzy hashing with ssdeep, import hash (imphash), VirusTotal querying, and interpreting detection ratios.
By the end of this topic, you will
Quadrant 1 · e-Tutorial
Quick Bite
Quadrant 2 · e-Content
Quadrant 3 · Web Resources
Downloadable reference material
External links
VirusTotal — Free File and Hash Search
Submit files or search by hash. Free account gives API access for programmatic queries. Essential first stop for any sample.
MalwareBazaar — Sample Search by Hash
Search for samples by MD5, SHA-1, SHA-256, or imphash. Download samples for analysis. Free and no account required.
ssdeep — Fuzzy Hashing Tool
Official ssdeep project page with download links and documentation for context-triggered piecewise hashing.
Quadrant 4 · Self-Assessment
Fundamentals of Malware Analysis
Covers the analysis environment, PE file structure, static property examination, behavioural analysis, and dynamic code analysis of Windows executables.
REMA Complete Assessment
A comprehensive 120-question assessment covering the entire Reverse Engineering and Malware Analysis curriculum: malware taxonomy and reverse engineering fundamentals, static and dynamic analysis, reversing malicious code, malicious web and document files, in-depth analysis of packed and fileless malware, and self-defending malware techniques.