Course Description

You will analyze and reverse engineer malicious software in this entry-level course. Begin by configuring an environment for safe malware analysis, learn how to discover indicators of compromise (IOCs) quickly, then conduct a behavioral analysis.

You will apply the tools and techniques you learn to real-world malware samples, where you will identify common malware characteristics used by bots, keyloggers, rootkits and worms.

Course Outline

• Malware Categories, Signatures and Analysis Goals
• Advanced Persistent Threat (APT) Detection
• Import Hashing and Context Piecewise Hashing
• Strings and Character Encoding
• DLL Hijacking
• File Formats, Portable Executable Formats and Dynamic Link Libraries
• Registry Modification and File System Manipulation
• Network Traffic Analysis

Learner Outcomes

At the end of this course, you will be able to:

• Create an isolated and controlled environment for analyzing malware
• Use system level and code level reversing tools
• Disassemble malicious software
• Run malicious software in a debugger to understand its behavior
• Assess stack overflow vulnerabilities and exploits
• Recognize malware tactics and behavior
• Understand malware obfuscation tactics

Notes

Recommendations

It is recommended that you have a general knowledge of computer, networking and operating system fundamentals. Experience with malware, assembly language and programming is preferred.

Accrediting Associations

• Information Systems Audit and Control Association (ISACA) 18.0 CPE