This document provides an overview of basic dynamic malware analysis techniques. It explains that dynamic analysis examines how malware behaves when executed by monitoring changes to the system, unusual processes, network traffic, and other behaviors. A number of tools are described that can be used for dynamic analysis, including sandboxes, process monitors, registry snapshots, network service emulators, and packet sniffers. Caution is advised to perform analysis safely in a isolated lab environment.