In many ways, this chapter has merely scratched the surface in regards to malware analysis. It should become apparent that, even with tools for static and dynamic analysis, incident response analysts still have a great deal of skill building ahead of them if they want to master this highly specialized subset of digital forensics. Although it may be difficult, it is important to have at least a functional knowledge of this type of analysis as the cyber criminals and nation states continue to utilize more sophisticated malware. This chapter delved into malware analysis by examining the types of malware currently being seen. An overview of the two primary methods of analysis; static and dynamic gave some context to the tools available. The tools discussed allow an analyst to identify behaviors in malware that can be used to identify them. Finally, actually executing malware can provide further details. The next chapter will tie in the use of threat intelligence into malware analysis and allow analysts an opportunity to tie in their observations to what is happening to other organizations.