
Advanced Malware Analysis: Redux

Offered By: Cybrary

Tags

  • Malware Analysis Courses
  • Reverse Engineering Courses
  • Assembly Language Courses
  • x86 Architecture Courses
  • Dynamic Analysis Courses
  • Static Analysis Courses
  • Memory Forensics Courses

Course Description

Overview

The Advanced Malware Analysis: Redux course prepares participants for complex malware analysis tasks by revisiting the core analysis topics (triage, static and dynamic analysis, unpacking, memory analysis) through a series of hands-on exercises.

Prerequisites

Attendees should have a working knowledge of core malware analysis concepts, a functioning malware analysis lab, and familiarity with the x86 and x64 architectures and the Windows API. A software development background is also recommended.

Course Goals

By the end of this course, students should be able to:

  • Triage malicious software
  • Understand the static and dynamic analysis process
  • Decipher file formats
  • Extract malware artifacts
  • Understand malware’s functionality
  • Learn about obfuscation techniques
  • Debug malware
  • Understand x86 and x64 architecture
  • Understand assembly language
  • Learn about control structures
  • Disassemble malware
  • Unpack malware
  • Learn how to hunt for malware in memory
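The "Decipher file formats" and "Unpack malware" goals meet in the first minutes of a triage: walk the PE headers and look for the fingerprints a packer leaves (writable-and-executable sections, a large section that is empty on disk, an entry point outside .text, non-standard section names). The following is an added example written for this page; it is not course material or Cybrary code. It uses only the Python standard library, the header offsets follow the PE/COFF specification, and the two header-only PE32+ images it builds (a clean layout and a UPX-style layout) are constructed in memory for the demo, not real samples. The indicator thresholds are the editor's choices.

```python
"""Walk PE headers and flag common packer indicators.

Added example for the PE-file and unpacking topics; it is not course material.
Standard library only. The two PE images built below are header-only,
constructed in memory for the demo, and are not real binaries.
"""
import struct
from dataclasses import dataclass

IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000
KNOWN_SECTION_NAMES = {".text", ".data", ".rdata", ".bss", ".idata", ".edata",
                       ".rsrc", ".reloc", ".pdata", ".tls", ".CRT", ".didat"}


@dataclass
class Section:
    name: str
    virtual_size: int
    virtual_address: int
    raw_size: int
    characteristics: int

    def contains_rva(self, rva: int) -> bool:
        span = max(self.virtual_size, self.raw_size)
        return self.virtual_address <= rva < self.virtual_address + span


def parse_pe(data: bytes) -> tuple[int, int, list[Section]]:
    """Return (machine, entry_point_rva, sections); raise ValueError when the
    MZ or PE signature is missing. Offsets follow the PE/COFF specification."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)   # DOS header: e_lfanew
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics (20 bytes).
    machine, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    # AddressOfEntryPoint sits at optional-header offset 16 for PE32 and PE32+.
    (entry_rva,) = struct.unpack_from("<I", data, opt + 16)
    sections = []
    for i in range(nsections):
        # Section header (40 bytes): Name, VirtualSize, VirtualAddress, SizeOfRawData,
        # PointerToRawData, PointerToRelocations, PointerToLinenumbers,
        # NumberOfRelocations, NumberOfLinenumbers, Characteristics.
        f = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        name = f[0].rstrip(b"\0").decode("ascii", "replace")
        sections.append(Section(name, f[1], f[2], f[3], f[9]))
    return machine, entry_rva, sections


def packer_indicators(data: bytes) -> list[str]:
    """Triage heuristics; each hit is a human-readable string. An empty list
    means none of these particular indicators fired, not that the file is clean."""
    _, entry_rva, sections = parse_pe(data)
    hits = []
    for s in sections:
        writable = bool(s.characteristics & IMAGE_SCN_MEM_WRITE)
        executable = bool(s.characteristics & IMAGE_SCN_MEM_EXECUTE)
        if writable and executable:
            hits.append(f"{s.name}: writable and executable (self-modifying code or unpacking stub)")
        if s.raw_size == 0 and s.virtual_size > 0 and executable:
            hits.append(f"{s.name}: 0 bytes on disk but {s.virtual_size:#x} in memory (unpack target)")
        if s.name not in KNOWN_SECTION_NAMES:
            hits.append(f"{s.name}: non-standard section name")
    ep = next((s for s in sections if s.contains_rva(entry_rva)), None)
    if ep is None:
        hits.append(f"entry point {entry_rva:#x} lies outside every section")
    elif ep.name != ".text":
        hits.append(f"entry point {entry_rva:#x} is in {ep.name}, not .text")
    return hits


def build_sample_pe(packed: bool) -> bytes:
    """Constructed header-only PE32+ image for the demo (not a real binary)."""
    if packed:
        # UPX-style layout: an empty UPX0 receives the unpacked code at run time,
        # UPX1 holds the compressed data plus the stub that owns the entry point.
        sections = [(b"UPX0", 0x10000, 0x1000, 0, 0x400, 0xE0000080),
                    (b"UPX1", 0x5000, 0x11000, 0x4800, 0x400, 0xE0000040)]
        entry = 0x15000
    else:
        sections = [(b".text", 0x3000, 0x1000, 0x3000, 0x400, 0x60000020),
                    (b".data", 0x1000, 0x4000, 0x800, 0x3400, 0xC0000040)]
        entry = 0x1200
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)       # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x8664, len(sections), 0, 0, 0, 240, 0x22)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)                       # PE32+ magic
    struct.pack_into("<I", opt, 16, entry)                      # AddressOfEntryPoint
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.ljust(8, b"\0"), vs, va, rs, rp, 0, 0, 0, 0, ch)
                     for n, vs, va, rs, rp, ch in sections)
    return dos + b"PE\0\0" + coff + bytes(opt) + table


if __name__ == "__main__":
    for label in ("clean", "packed"):
        print(label, packer_indicators(build_sample_pe(packed=(label == "packed"))))
```

On the constructed UPX-style image the function reports six indicators (both sections writable and executable, UPX0 empty on disk, both names non-standard, entry point in UPX1); on the clean layout it reports none. The same walker works on a real file read with `open(path, "rb").read()`, and a `struct.error` from a truncated header is itself a finding worth noting.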

Syllabus

  • RE Preparation
    • Module 1 Objectives
    • Reverse Engineering Process Review
    • Malware Analysis Tools
    • Malware Handling
    • Malware Components Part 1: Windows OS
    • Malware Components Part 2: PE Files and Memory
    • Malware Components Part 3: WinAPI and Registry
    • Malware Components Part 4: Malware Behaviors
    • Module 1 Summary
  • x86 & x64 Architecture
    • Module 2 Objectives
    • Numbering Systems
    • Computer Architecture Part 1: x86/x64
    • Computer Architecture Part 2: Assembly Language
    • Computer Architecture Part 3: Control Flow and Stack
    • Module 2 Summary
  • Dynamic & Static Malware Analysis
    • Module 3 Objectives
    • Dynamic Analysis Process Part 1
    • Dynamic Analysis Process Part 2
    • Dynamic Analysis Process Part 3: Advanced Analysis
    • Static Analysis Part 1
    • Static Analysis Part 2
    • Module 3 Summary
  • Malware Challenges
    • Module 4 Objectives
    • Malware Packers Part 1
    • Malware Packers Part 2
    • Obfuscation Part 1
    • Obfuscation Part 2: XOR
    • Obfuscation Part 3: base64
    • Identifying Encryption
    • Anti-Analysis Part 1
    • Anti-Analysis Part 2
    • Module 4 Summary
  • Memory Analysis
    • Module 5 Objectives
    • Forensics Process
    • Memory Analysis Part 1
    • Memory Analysis Part 2
    • Module 5 Summary
  • Course Summary

Taught by

Brian Rogalski

Related Courses

  • OS Analysis with Volatility (Pluralsight)
  • Getting Started with Memory Forensics Using Volatility (Pluralsight)
  • Introduction to Memory Forensics with Volatility 3 (DFIRScience via YouTube)
  • Taking Memory Forensics to the Next Level (New York University via YouTube)
  • Memory Forensics with Volatility - HackerSploit Blue Team Series (Linode via YouTube)