Cybersecurity Training and Certification Provider

Overview

This Advanced Malware Analysis and Reverse Engineering – v.2 course will introduce students to modern malware analysis techniques and skills necessary to dissect malicious software in order to understand its mechanics and purpose. This course provides a holistic approach to dissecting malware.

Companies around the world are losing billions of dollars every year because of information security breaches usually caused by malware. The number of malware attacks grows yearly at an exponential rate. Malicious code or malware is a piece of code that intends to harm or disrupt the computer operation of the victim. If you want to understand how malware and cyber-attacks work, this is the right course for you. In this course, you will learn how to analyze malware and incidents that happened using malicious code.

What you’ll learn:

After completing this course, learners should be able to:

How malware and Windows internals work
How to create a safe and isolated lab environment for malware analysis
What are the techniques and tools to perform malware analysis
How to perform static analysis to determine the metadata associated with malware
How to perform dynamic analysis of the malware to determine its interaction with the process, file system, registry, and network
How to perform code analysis to determine the malware functionality
How to analyze downloaders, droppers, keyloggers, file malware, HTTP backdoors, etc.
Ability to acquire a memory image from suspect/infected systems
Understanding of the techniques used by the malware to hide from Live forensic tools
Investigative steps for detecting stealth and advanced malware
Techniques to hunt malware

Who Should Attend:

IT Security Professionals
IS Managers
System Managers
Government Employees
SOC Professionals
Digital Forensic and Malware Analysts
Incident Response Team Members
Ethical Hackers
IT System Administrators
Reverse Engineers with 0 – 2 yrs of experience
System administrators

Suggested Prerequisites:

Students should be familiar with using Windows and Linux operating environments and be able to troubleshoot general connectivity and setup issues.
Students should be familiar with VMware Workstation and be able to create and configure virtual machines.
Students are recommended to have a high-level understanding of key programming concepts, such as variables, loops, and functions; however, no programming experience is necessary.

Detailed Outline:

Introduction to Malware
Classification of Malware
Notable Cases of Malware Attacks
Cyber Kill Chain of Malware
Impact of Malware on Computer Systems
Various Methods of Malware Infiltration
The exploitation of Systems by Hackers through Malware
Vulnerabilities in Anti-virus Software
Evading Anti-Virus Protection with Malware
Malware Analysis – The Big Picture
Malware analysis – Overview and process
Setting Up Our Own – Sandbox VM Machine
Malware Analysis
- Static Analysis
- Dynamic Analysis
- Code Analysis
- Behavioral Analysis

Getting Started Analyzing Malware Infections
Performing Malware Analysis on Malicious Documents
Getting Started with Reverse Engineering
Identifying and Defeating Code Obfuscation
Identifying and Defeating Packing
Reverse Engineering Malware with Ghidra
Playing with YARA Rule Parts and Usage
Writing the YARA Rules
Defeating Anti-reverse Engineering
Anti-debugging Techniques
Effective Implementation
- Security Controls
- Antivirus
- Firewall etc.
Removal of Malware
- Manual
- Automatic etc.

Challenges and Labs for Participant:

During the training, participant is going to perform a live malware analysis of 5 infected VM systems, VM Machine is infected by a different kinds of malware include Micros malware, Spywares, Java base Malware, RAT, etc. They have to investigate the malware activity and root cause of it.