Intro to Malware Code Analysis (MA02)
"This course was awesome! A+ The trainer broke down complex topics in an easy to understand manner. I now love assembly!"
This hands-on course focuses on tools and techniques to analyze and reverse engineer malicious software with an emphasis on quickly discovering IOCs (Indicators of Compromise). The course includes steps on how to stand up and configure an environment for safe malware analysis. The course is focused on tools and techniques used for code-level analysis. An intro to x86 Assembly Language, Disassemblers, and Debuggers is covered. Reverse Code Engineering (RCE) techniques for both dynamic and static analysis are also discussed. Techniques learned will be applied to real-world malware samples where learners will identify common malware characteristics used by bots, keyloggers, rootkits, worms, etc.
- MA01 - Intro to Malware Behavioral Analysis
- General knowledge of computer, networking, and operating system fundamentals.
- Exposure to malware, assembly language, disassemblers, debuggers, and programming recommended.
- Malware Code Analysis Overview
- Reverse Code Engineering (RCE)
- Manual (Static) Code Reversing
- Dynamic Code Reversing
- Dependency Tracing
- Registry Modification
- File System Manipulation
- Network Traffic Analysis
- Context Piecewise Hashing (Fuzzy Hashing)
- x86 and x64 Architecture
- Assembly Language
- Machine Code / Opcode
- Interpreted Languages
- Stack vs Heap
- Registers and Flags
- Windows API
- Hardware and Software Breakpoints
- Networking APIs
- Malware Analysis Goals
- Indicators of Compromise
- Malware Signatures
- Static and Dynamic Analysis
- Malware Categories
- Mass vs Targeted Malware
- Advanced Persistent Threat (APT)
- Malware Analysis Methodology
- AntiMalware Tools
- Malware Attributes
- Hashing Fundamentals
- Strings and character encoding
- Packed and Obfuscated Malware
- Linked Libraries and Functions
- DLL Hijacking
- Import Hashing
- PE Format structure and sections
- Libraries and Functions
- Virtualization Detection by Malware
- Threads, Processes, Handles
SOFTWARE and tools Used (NOt Inclusive)
- Multiple Windows Sysinternals tools
- Hex Editors
Continuing Education Credits
We offer private onsite courses, at your location. We love to travel and will gladly send a trainer to your location. Please Contact Us for more information.
Live, Instructor-Led Training with a dynamic trainer that is a cyber security professional. Instructors have real-world experience with the material covered in the course.
- Contact Us
We offer course discounts for multiple enrollments. Please Contact Us for more information.