Malware Analysis vs. Reversing

[null_endian]

Hello,

I'm new to the field so wanted to ask this. How closely related are malware analysis and reversing from a professional standpoint? What I mean by this is, I assume the goals of reverse engineering a system are to fully document that system... So go module-by-module through it, figure out what it ALL does, figure out which compiler was used, which version of which language, etc...

Whereas malware analysis, I'm not sure to which "extent" is commonly used. For example, as a malware analyst at an antivirus firm, do they do the entire reverse engineering process with each sample or is the goal here to just observe and document all of its BEHAVIORs and then get far enough to just be able to write a definition for it? In other words, in malware analysis, is it required (or a good idea) to document the entire program? If anyone has experience with both regular RE and malware, please let me know if I am mistaken anywhere. I've also seen these 2 links (1 , 2 ) which brought this question out where people bash the lena tutorials.. But of course lena's tuts are not a comprehensive RE course, they teach you how to use OllyDbg and a little about assem... You must read the proper books and get the experience of reversing many programs to get good..

Edited February 25, 2017 by null_endian

[Aldhard Oswine]

It depends. It really, really does. Malware analyst not analysis whole program every time he/she encounters new sample. You can analyze malware with many automatic tools and get significant behavioral information(SysInternals, Cuckoo, Deepviz, etc); the Most time you can not get whole information about malware only using such tools. Sometimes a little information is enough but not always. 
If you want to be a good malware analyst, you should be a good reverse engineer.