What basic static or dynamic malware analysis concepts do you understand, and how would you use them in an investigation at AIG?