Malware Analysis - Spring 2017

Dive into the world of malware analysis through this comprehensive lecture series from the University of Cincinnati's CS7038 course. Learn essential skills from setting up virtual environments to advanced static and dynamic analysis techniques. Explore malware taxonomy, online research methods, and tools like VirtualBox and Immunity Debugger. Master assembly language, data encoding, and memory layout concepts. Analyze various malware carriers including PDF and MS OLE documents. Gain hands-on experience with attack simulations, code analysis, and runtime debugging to develop a robust understanding of malware behavior and detection strategies.

CS7038: Wk01.1 Class Intro and VirtualBox Demo.
CS7038: Wk01.2 - VirtualBox Lab Setup and Crash Course.
CS7038: Wk02.1 - VirtualBox Lab Setup and Attack Simulation Demo.
CS 7038: Wk02.2 - Analyzing the Attack With Basic Tools.
CS 7038: Wk03.1 - Malware Taxonomy & Terminology.
CS7038: Wk03.2 - Malware Research Online.
CS7038: Wk04.1 - Static Analysis Introduction.
CS7038: Wk04.2 - Static Analysis (cont.).
CS7038: Wk05.1 Static Analyzers and Yara Experiments.
CS7038: Wk05.2 - Assembly Language Crash Course.
CS7038: Wk06 - Deeper Dive: x86 32/64 Assembly.
CS7038: Wk07.2 - Static Code Analysis and Yara Detection Demo.
CS7038: Wk08.1 - Numeric Data Encoding, Endianness, and Layout in Memory.
CS7038: Wk08.2 - Analysis of Complex Data Structures.
CS7038: Wk09.1 Analyzing PDF Documents.
CS7038: Wk09.2 Analyzing MS OLE / CFB Documents.
CS7038: Wk11.1 PDF Malware Carrier Documents - Attack Analysis.
CS7038: Wk11.2 Walk Through Static Analysis of Malicious PDF.
CS7038: Wk12.1 Dynamic Analysis and Run-Time Debugging Concepts.
CS7038: Wk12.2 Debugging and Run-Time Analysis Demo.
CS7038: Wk13.1 Run-Time Debugging With Immunity Debugger Demo 1.
CS7038: Wk13.2 Run-time Analysis of PDF Exploit and Backdoor installation, w/ Immunity Debugger.