Malware Analysis and Reverse Engineering
Advanced Malware Analysis and Reverse Engineering – v.2 This Malware Analysis course will introduce students to modern malware analysis techniques and skills necessary to dissect malicious software in order to understand its mechanics and purpose. This course provides a holistic …
Advanced Malware Analysis and Reverse Engineering – v.2
This Malware Analysis course will introduce students to modern malware analysis techniques and skills necessary to dissect malicious software in order to understand its mechanics and purpose. This course provides a holistic approach to dissecting malware.
Companies around the world are losing billions of dollars every year because of information security breaches usually caused by malware. The number of malware attacks grows yearly at an exponential rate. Malicious code or malware is a piece of code that intends to harm or disrupt the computer operation of the victim. If you want to understand how malware and cyber-attacks work, this is the right course for you. In this course, you will learn how to analyze malware and incidents that happened using malicious code.
What you’ll learn:
After completing this course, learners should be able to:
- How malware and Windows internals work
- How to create a safe and isolated lab environment for malware analysis
- What are the techniques and tools to perform malware analysis
- How to perform static analysis to determine the metadata associated with malware
- How to perform dynamic analysis of the malware to determine its interaction with the process, file system, registry, and network
- How to perform code analysis to determine the malware functionality
- How to analyze downloaders, droppers, keyloggers, file malware, HTTP backdoors, etc.
- Ability to acquire a memory image from suspect/infected systems
- Understanding of the techniques used by the malware to hide from Live forensic tools
- Investigative steps for detecting stealth and advanced malware
- Techniques to hunt malware
Who Should Attend:
- IT Security Professionals
- IS Managers
- System Managers
- Government Employees
- SOC Professionals
- Digital Forensic and Malware Analysts
- Incident Response Team Members
- Ethical Hackers
- IT System Administrators
- Reverse Engineers with 0 – 2 yrs of experience
- System administrators
- Students should be familiar with using Windows and Linux operating environments and be able to troubleshoot general connectivity and setup issues.
- Students should be familiar with VMware Workstation and be able to create and configure virtual machines.
- Students are recommended to have a high-level understanding of key programming concepts, such as variables, loops, and functions; however, no programming experience is necessary.
- Introduction to Malware
- Classification of Malware
- Notable Cases of Malware Attacks
- Cyber Kill Chain of Malware
- Impact of Malware on Computer Systems
- Various Methods of Malware Infiltration
- The exploitation of Systems by Hackers through Malware
- Vulnerabilities in Anti-virus Software
- Evading Anti-Virus Protection with Malware
- Malware Analysis – The Big Picture
- Malware analysis – Overview and process
- Setting Up Our Own – Sandbox VM Machine
- Malware Analysis
- Static Analysis
- Dynamic Analysis
- Code Analysis
- Behavioral Analysis
- Getting Started Analyzing Malware Infections
- Performing Malware Analysis on Malicious Documents
- Getting Started with Reverse Engineering
- Identifying and Defeating Code Obfuscation
- Identifying and Defeating Packing
- Reverse Engineering Malware with Ghidra
- Playing with YARA Rule Parts and Usage
- Writing the YARA Rules
- Defeating Anti-reverse Engineering
- Anti-debugging Techniques
- Effective Implementation
- Security Controls
- Firewall etc.
- Removal of Malware
- Automatic etc.
Challenges and Labs for Participant:
During the training, participant is going to perform a live malware analysis of 5 infected VM systems, VM Machine is infected by a different kinds of malware include Micros malware, Spywares, Java base Malware, RAT, etc. They have to investigate the malware activity and root cause of it.
Tools Going to Use During Training
During training, we are going to use all professional tools of malware analysis, Paid or freeware Include
- Hybrid Analysis
- Process Hacker
- Process Monitor
- Network Miner
- Cuckoo Sandbox
- Hex Editor
- Any Run Tool
- Regshot etc.