There are only so many books you can read on the why of malware before you need to get your hands dirty to understand the how of malware.
This is where I have found some books to be lacking - good on theory, but how do you get started analysing malware?
Given the complexities of the subject, the authors have done a thorough job, something evident from the fact that the book is 766 pages and there is no fluff.
- advice on how to approach analysing a suspicious file.
- plenty of tools and examples for practical investigation.
- explains how malware authors use certain features of the operating system to their advantage and how to uncover these.
- excellent chapter on packers and unpacking.
- ways to thwart anti-VM techniques.
- there is a companion website where you can download example code to use with the labs.
To get the most out of the book you will need to do the labs, and you should have some knowledge of programming, although there is a crash course in x86 assembly language programming, and it's vital to understand this for the later chapters.