Intro to Malware Code Analysis (MA02)
"This course was awesome! A+ The trainer broke down complex topics in an easy to understand manner. I now love assembly!"
This hands-on course focuses on tools and techniques to analyze and reverse engineer malicious software with an emphasis on quickly discovering IOCs (Indicators of Compromise). The course includes steps on how to stand up and configure an environment for safe malware analysis. The course is focused on tools and techniques used for code-level analysis. An intro to x86 Assembly Language, Disassemblers, and Debuggers is covered. Reverse Code Engineering (RCE) techniques for both dynamic and static analysis are also discussed. Techniques learned will be applied to real-world malware samples where learners will identify common malware characteristics used by bots, keyloggers, rootkits, worms, etc.
General knowledge of computer, networking, and operating system fundamentals.
Exposure to malware, assembly language, disassemblers, debuggers, and programming recommended.
Malware Code Analysis Overview
Reverse Code Engineering (RCE)
Manual (Static) Code Reversing
Dynamic Code Reversing
File System Manipulation
Network Traffic Analysis
Context Piecewise Hashing (Fuzzy Hashing)
x86 and x64 Architecture
Machine Code / Opcode
Stack vs Heap
Registers and Flags
Hardware and Software Breakpoints
Malware Analysis Goals
Indicators of Compromise
Static and Dynamic Analysis
Mass vs Targeted Malware
Advanced Persistent Threat (APT)
Malware Analysis Methodology
Strings and character encoding
Packed and Obfuscated Malware
Linked Libraries and Functions
PE Format structure and sections
Libraries and Functions
Virtualization Detection by Malware
Threads, Processes, Handles
Software and Tools Used (Not Inclusive)
Multiple Windows Sysinternals tools
Continuing Education Credits
We offer private onsite courses at your location. We love to travel and will gladly send a trainer to your location. Please contact us for more information.
Live, instructor-led training with a dynamic trainer who is a cyber security professional. Instructors have real-world experience with the material covered in the course.