Intro to Malware Behavioral Analysis Training (MA01)
Job Target
Anyone looking to learn about Malware Analysis
Includes
- 70% Hands-On Training, geared to give you experience
- Exciting Capture-the-Flag challenges, based on real malware
- Focus on a methodology for quickly discovering IOCs
- Expert Trainers with Real-World Experience
- Outstanding Reviews
Description
This hands-on course covers the tools and techniques used to analyze and reverse engineer malicious software, with an emphasis on quickly discovering IOCs (Indicators of Compromise). It begins with standing up and configuring an isolated environment for safe malware analysis, then concentrates on behavioral analysis: running a sample under observation and recording what it does to processes, the file system, the registry and the network. The techniques are applied to real-world malware samples, where learners identify the common characteristics of bots, keyloggers, rootkits, worms and other malware families.
Modules
- Malware Analysis Overview
- Behavioral Malware Analysis
- Basic Static Analysis
- Basic Dynamic Analysis
Prerequisites
General knowledge of computer, networking and operating system fundamentals. Some prior exposure to malware, assembly language and programming is recommended.
No exam for this course.
TOPICS COVERED
- File Formats
- PE Format structure and sections
- Functions
- Dynamic Link Libraries
- Virtualization Usage
- Virtualization Detection by Malware
- Threads
- Handles
- Process Trees
- Dependency Tracing
- Registry Modification
- File System Manipulation
- Network Traffic Analysis
- Sandboxes
- Context Triggered Piecewise Hashing (CTPH, "fuzzy hashing")
- Malware Analysis Goals
- Indicators of Compromise
- Malware Signatures
- Static and Dynamic Analysis
- Malware Categories
- Mass vs Targeted Malware
- Advanced Persistent Threat (APT)
- Malware Analysis Methodology
- Antimalware Tools
- Malware Attributes
- Hashing Fundamentals
- Strings and character encoding
- Packed and Obfuscated Malware
- Linked Libraries and Functions
- DLL Hijacking
- Magic Labels (file magic numbers)
- Import Hashing
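The basic static analysis topics above (PE structure and sections, magic numbers, hashing fundamentals, import hashing, strings) in working code. This is an added example, not course material and not one of the tools listed on this page: a standard-library Python script that first builds a small constructed PE32 image (not real malware; the import names and the registry-path string inside it are invented for the demonstration) and then triages it the way a first static pass would: checks the MZ and PE magic, walks the section table, resolves the import directory through RVA-to-file-offset translation, computes the pefile-style imphash, and pulls printable strings.

```python
import hashlib
import re
import struct

SECTION_RVA, SECTION_RAW = 0x1000, 0x200   # RVA and file offset of the sample's only section

def build_sample_pe() -> bytes:
    """Constructed, non-runnable PE32 image with an import directory (not real malware)."""
    imports = {"KERNEL32.dll": ["CreateFileA", "WriteFile", "VirtualAlloc"],
               "ADVAPI32.dll": ["RegSetValueExA"]}
    sec = bytearray()
    def add(blob: bytes, align: int = 1) -> int:   # append to the section, return its RVA
        sec.extend(b"\0" * (-len(sec) % align))
        rva = SECTION_RVA + len(sec)
        sec.extend(blob)
        return rva
    desc_rva = add(b"\0" * (20 * (len(imports) + 1)))   # descriptor array + null terminator
    descs = b""
    for dll, funcs in imports.items():
        name_rva = add(dll.encode() + b"\0")
        hints = [add(struct.pack("<H", 0) + f.encode() + b"\0", 2) for f in funcs]  # hint/name entries
        thunks = b"".join(struct.pack("<I", h) for h in hints) + b"\0" * 4
        ilt_rva, iat_rva = add(thunks, 4), add(thunks, 4)
        descs += struct.pack("<IIIII", ilt_rva, 0, 0, name_rva, iat_rva)
    sec[:len(descs)] = descs
    add(b"Software\\Microsoft\\Windows\\CurrentVersion\\Run\0")  # constructed persistence-key string
    raw_size = (len(sec) + 0x1FF) & ~0x1FF                       # round up to FileAlignment
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)             # e_lfanew at offset 0x3C
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x102)  # i386, one section, PE32 opt hdr
    opt = struct.pack("<HBB6I3I6H4I2H4I2I",
                      0x10B, 14, 0, 0, raw_size, 0, 0, 0x1000, 0x1000,  # magic, linker ver, sizes, EP, bases
                      0x400000, 0x1000, 0x200, 4, 0, 0, 0, 4, 0,        # ImageBase, alignments, versions
                      0, 0x2000, SECTION_RAW, 0, 2, 0,                  # SizeOfImage, SizeOfHeaders, subsystem
                      0x100000, 0x1000, 0x100000, 0x1000, 0, 16)       # stack/heap, NumberOfRvaAndSizes
    dirs = [(0, 0)] * 16
    dirs[1] = (desc_rva, 20 * (len(imports) + 1))                   # data directory 1 = import table
    opt += b"".join(struct.pack("<II", *d) for d in dirs)
    sec_hdr = struct.pack("<8sIIIIIIHHI", b".idata", len(sec), SECTION_RVA, raw_size,
                          SECTION_RAW, 0, 0, 0, 0, 0xC0000040)
    headers = (dos + b"PE\0\0" + coff + opt + sec_hdr).ljust(SECTION_RAW, b"\0")
    return headers + bytes(sec).ljust(raw_size, b"\0")

def parse_pe(data: bytes) -> dict:
    """DOS header -> NT headers -> section table -> import directory (PE32 only)."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ magic: not a PE file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 handled; PE32+ (0x20B) has 8-byte thunks and a wider header")
    imp_rva = struct.unpack_from("<I", data, opt + 96 + 8)[0]   # data directory[1] = import table
    raw = [struct.unpack_from("<8sIIII", data, opt + opt_size + 40 * i) for i in range(nsec)]
    sections = [(n.rstrip(b"\0").decode(), vs, va, rs, rp) for n, vs, va, rs, rp in raw]
    def rva2off(rva: int) -> int:   # RVA -> file offset through the section table
        for _, vsize, va, rawsize, rawptr in sections:
            if va <= rva < va + max(vsize, rawsize):
                return rva - va + rawptr
        raise ValueError(f"RVA {rva:#x} falls outside every section")
    def cstr(off: int) -> str:
        return data[off:data.index(b"\0", off)].decode()
    imports, off = {}, rva2off(imp_rva) if imp_rva else None
    while off is not None:
        ilt, _, _, name_rva, iat = struct.unpack_from("<IIIII", data, off)
        if name_rva == 0:                         # all-zero descriptor terminates the array
            break
        funcs, thunk = [], rva2off(ilt or iat)    # prefer the ILT, fall back to the IAT
        while (entry := struct.unpack_from("<I", data, thunk)[0]) != 0:
            funcs.append(f"ord{entry & 0xFFFF}" if entry & 0x80000000   # import by ordinal
                         else cstr(rva2off(entry) + 2))                  # skip the 2-byte hint
            thunk += 4
        imports[cstr(rva2off(name_rva))] = funcs
        off += 20
    return {"machine": machine, "sections": sections, "imports": imports}

def imphash_input(imports: dict) -> str:
    """pefile's imphash pre-image: 'dll.func' pairs, lower-cased, in import order, with
    .dll/.ocx/.sys stripped (pefile also maps known ordinals to names; omitted here)."""
    parts = []
    for dll, funcs in imports.items():
        lib = dll.lower()
        if lib.endswith((".dll", ".ocx", ".sys")):
            lib = lib[:-4]
        parts += [f"{lib}.{f.lower()}" for f in funcs]
    return ",".join(parts)

def imphash(imports: dict) -> str:
    return hashlib.md5(imphash_input(imports).encode()).hexdigest()

def ascii_strings(data: bytes, min_len: int = 6) -> list:
    """Printable-ASCII runs, like `strings -n 6`; paths, registry keys and URLs surface here."""
    return [m.decode() for m in re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)]

if __name__ == "__main__":
    sample = build_sample_pe()
    print(hashlib.sha256(sample).hexdigest(), imphash(parse_pe(sample)["imports"]), ascii_strings(sample))
```

Two things worth noticing when you run it. The imphash depends on the order of the import entries, not just their names, which is why it survives a recompile with the same toolchain and linker settings but changes when the import table is rebuilt; the rva2off step is where most hand-rolled parsers go wrong on packed samples, whose headers often claim virtual sizes that are larger than the raw data on disk. Fuzzy hashing (CTPH/ssdeep) and PE32+ are deliberately out of scope for this script.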
SOFTWARE AND TOOLS USED (NOT EXHAUSTIVE)
- Dependency Walker
- PEview
- PEiD
- OllyDbg
- Notepad++
- Hex Editors
- Multiple Windows Sysinternals tools
- WinMD5
- HashCalc
- Wireshark
- ncat
- FakeNet
- ApateDNS
- Regshot