Malware analysis and reverse engineering
Information & Cyber security

Malware analysis and reverse engineering

COURSE OBJECTIVE
60
LAB
56
INSTRUCTOR KNOWLEDGE
60
COURSE CONTENT PLAN
52
Summary rating from 84 user's marks. You can set own marks for this article - just click on stars above and press "Accept".
57

MALWARE ANALYSIS

 

Summary: The course focuses on training the analyst for finding malware and analyzing it.The course teaches fundamentals of Windows OS from malware forensics perspective.During the 5-day period, all the attendees will analyze multiple malware samples of various categories including RATs, Botnets, Key loggers, APT malware etc.

Student Lab Requirement:

Vmware Workstation 10.X or later/ Fusion 6.0+/ Player 6+ running Windows 7/XP, 100 GB free disk space

Content

1. Overview on current Threat Landscape

  • 1.1. Malware Categorization
  • 1.2. Cyber Kill Chain
  • 1.3. APTs

2. Building Malware Analysis Lab.

3. Windows System Structure (forensics Context)

  • 3.1. Processes
  • 3.2. Prefetch Files
  • 3.3. Browser
  • 3.4. Auto runs
  • 3.5. Scheduled Tasks
  • 3.6. Registry
  • 3.7. Windows Artifact Analysis from various locations)
  • 3.8. Timeline Analysis
  • 3.9. Time stamping

4. Static Analysis

  • 4.1. Scanning, Hashing, Fuzzy Hashing
  • 4.2. Unpacking
  • 4.3. Find Anomalies
  • 4.4. Visualization
  • 4.5. File Analysis
  • 4.6. PE Analysis
  • 4.7. Document File Analysis
  • 4.8. PDF analysis

5. Dynamic Analysis

  • 5.1. Building the lab
  • 5.2. Snapshot
  • 5.3. Network Interactions
  • 5.4. Sandboxes
  • 5.5. Sandbox Evasion Techniques

6. Network Artifact Analysis

  • 6.1. PCAP analysis
  • 6.2. Evidence Extraction from PCAPs
  • 6.3. Tracing Malware communications

7. Memory Forensics

  • 7.1. Overview
  • 7.2. Processes and Threads
  • 7.3. Data Structures
  • 7.4. Recovering Files
  • 7.5. Process Memory
  • 7.6. Hooks
  • 7.7. Finding Hidden Processes
  • 7.8. Memory Acquisition
  • 7.9. Finding Malware in memory
Book Your Course
devashish.jpg

I

t always gives an pleasure and amazing feeling when someone ask me “Hey, I wanna learn more security stuff” and I say ” why don’t you go there..” And response is always “do you mean Dwarka or troika or vikas and govil..?? I always add by saying proudly that whatever I am or where ever I’ll go is all because of them. No alternatives no confusions just go and grow.

deepak.jpg

T

roika is the place where the guidance and learning given is completely extempore and in depth. A topic is covered till even a single person is able to answer almost everything about it with confidence. So I like the way a topic is chased and learned to everyone with exposure to real time industry scenarios.

(Redington gulf)

Deepak Mishra
naveen.jpg

T

roika is certainly a tremendous approach to master the information security aspects and technologies. It helped upgrading my signature from technical support to It security Specialist and ensures more upgrades in near future.

amit1.jpg

I

worked with an MNC for last 3 years in a track which has no growth and career options. So started my Hunt and of course Search engine is the first that we use. Some of my friends recommended to go with IT/Network security as a first Go and suggested me to Join troika. The very first day in Troika gave me a lot of learning, confidence, opportunities, reasons and most important Learning and growth is a priority.
It’s almost 1 year I have completed with troika and still thankful that I did not opt to use Search Engine optimization for a hunt of institutes.

Phone: +91 96540 16484
mobile: +91 958 290 7788
B-71, Shalimar Garden Extn-2, Sahibabad, Ghaziabad, Near Raj Bag Metro Station
IT Monteur
Style switcher RESET
Body styles
Color settings
Link color
Menu color
User color
Background pattern
Background image