# 54

Malware Analyst interview questions shared by candidates

## Top Interview Questions

Sort: Relevance|Popular|Date
Malware Analyst was asked...September 23, 2013

### There is gold bar given to you every week. You have a person working for you. At the end of the day you have give that person a piece from that gold bar and equal amount of piece each day(7 pieces 7 days). But the condition is you are given a whole gold bar and you have to break it in 7 pieces with 3 strikes only. You cant melt it or cut horizontally. N.B : It's a gold bar and not gold cake so its not round but rectangular.

Your only task is that you have to give that person 1 unit of bar each day as his salary. You can do it in 2 strikes. Cut the bar in 2 strikes to get 3 pieces of 1, 2, 4 units of length. Day 1 - Give 1 unit bar Day 2 - Take 1 unit bar and give 2 unit bar Day 3 - Give 1 unit bar Day 4 - Take 1 and 2 unit bar and give 4 unit bar Day 5 - Give 1 unit bar Day 6 - Take 1 unit bar and give 2 unit bar Day 7 - Give 1 unit bar Less

1st cut |=|=|=|=|X|=|=|=| giving you |=|=|=|=| |=|=|=| Then stack the block of 3 on TOP of the block of 4 2nd cut |=|=|X|=|=| through 2 layers giving you |=|=| |=|=| |=|=| |=| Then stack the 3 blocks of 2 on TOP of each other 3rd cut |=|X|=| through 3 layers giving you |=| |=| |=| |=| |=| |=| |=| Less

I couldn't answer that!

### Give me several pieces of assembly code to read, and identify its function.

One of them is related to the system call, the other is a process of encryption or decryption Less

It's essential to demonstrate that you can really go deep... there are plenty of followup questions and (sometimes tangential) angles to explore. There's a lot of Malware Research Engineer experts who've worked at Palo Alto Networks, who provide this sort of practice through mock interviews. There's a whole list of them curated on Prepfully. prepfully.com/practice-interviews Less

### Virus

Virus is a software program that make your computer malfunction and steel some sensitive datas Less

told

### What is difeerence between worm and trojan

Worms are self executed where as trojon need to execute first

### If you are a malware author - what do you consider to write your own packer.

I said: - I'll obfuscate the assembly as much as possible - Append junk data and encrypt data segment - Add anti-dbug and anti-vm using some detection techniques Less

### What tools do you use to analyze Malware samples ?

IDA Pro, OllyDbg, a lot of open source tools, etc..

### The interview process was pretty painless and did not cover any real technical questions. The interviewer looked over my degree and related experience, told me about the position and asked if I felt I had anything to offer the team.

Yes of course and spent a few minutes selling myself.