• Classroom
  • Online, Instructor-Led
  • Online, Self-Paced
Course Description

The Malware Analysis course is a 100-level course. Although some intermediate topics and material are covered, it is designed for students interested in basic malware analysis techniques. Lunarline's three-day, hands-on course gives students demonstrations and lessons on basic static analysis methodology, open-source research techniques, and real-life examples of malware capabilities and characteristics.

Students receive guided instruction and practice in handling and collecting malware samples, responding to infected systems, and using current malware analysis tools and methods. Each lab builds on the previous one, so the guided instruction progresses from basic to more involved techniques.

Learning Objectives

  • Intro to Malware Analysis
    • Malware Classification
    • Target Types
    • Infection Phases
    • Methods of Infection
    • Common Malware Behavior
    • Malware Removal Techniques
  • Malware Analysis Methodology
    • The 4 Main Analysis Techniques
    • Common System and Networking Tools
    • Debugging / De-obfuscation
    • Overview of Windows System Internals (DLLs, Kernel Hooks, etc.)
    • Reverse-engineering Concepts
    • Labs:
      • Basic Static Analysis
      • Basic Dynamic Analysis - Analyzing Malware Behaviors
      • Identifying Packed/Obfuscated Executables
      • Reverse-engineering Demo
  • Malware Analysis Tools & Techniques
    • Volatile Data Collection
    • Non-volatile Data Collection
    • Examining Indicators of a Malware Infection/File Profiling
    • Memory Analysis
    • Network Packet Analysis/File & Object Carving From Network Traffic
    • Labs:
      • Collecting Volatile System Data
      • File Collection and Analysis
      • Collecting and Analyzing Windows System Memory
      • Controlled Malware Infection & Analysis (Blackhole Toolkit Exploit)
      • Java Exploit & PCAP Analysis (Packet Capture, File Carving & Open Source Research)
  • Open Source Research
    • Online File Analysis/Reputation Sites
    • Malware Sample Sites
    • IP/Domain lookups
  • Analysis Methods Using Wireshark
    • Overview of capabilities
    • Understanding PCAP files
    • Wireshark filtering
    • Tips and tricks
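The "Basic Static Analysis", "Identifying Packed/Obfuscated Executables" and "File Profiling" items above are the kind of triage an analyst does before ever running a sample. The script below is an added example of that workflow and is not Lunarline course material: it hashes a file (the values you submit to online reputation sites), measures byte entropy to flag probable packing, extracts printable strings, and pulls URL and IPv4 indicators out of those strings for open-source lookups. The two byte samples, the file names and the 7.0 bits/byte packing threshold are constructed for illustration; the regexes are simple assumptions, not a full IOC parser.

```python
"""Basic static triage of a suspicious file: hashes, entropy, strings, IOCs.

Added example, not part of the course material. Runs offline on constructed
byte samples; the samples, names and thresholds below are made up.
"""
import hashlib
import math
import random
import re
from collections import Counter

# Assumed, deliberately simple patterns for indicators inside extracted strings.
URL_RE = re.compile(r"https?://[\w.-]+(?:/[\w./?=&-]*)?")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def file_hashes(data: bytes) -> dict:
    """MD5 / SHA-1 / SHA-256 of the sample; these are the keys used on reputation sites."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for a constant stream, 8.0 for uniform random bytes."""
    if not data:
        return 0.0
    n = len(data)
    return sum(-(c / n) * math.log2(c / n) for c in Counter(data).values())


def looks_packed(data: bytes, threshold: float = 7.0) -> bool:
    """Heuristic: compressed or encrypted (packed) payloads sit close to 8 bits/byte.
    The 7.0 cut-off is an assumed rule of thumb; plain code and text land well below it."""
    return shannon_entropy(data) >= threshold


def extract_strings(data: bytes, min_len: int = 4) -> list:
    """Printable ASCII runs of at least min_len bytes, like `strings -n 4`."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [m.decode("ascii") for m in pattern.findall(data)]


def extract_indicators(strings: list) -> dict:
    """Collect URLs and IPv4 literals from the string list for IP/domain lookups."""
    text = "\n".join(strings)
    return {
        "urls": sorted(set(URL_RE.findall(text))),
        "ipv4": sorted(set(IPV4_RE.findall(text))),
    }


def triage(data: bytes) -> dict:
    """One-shot static profile of a sample."""
    strings = extract_strings(data)
    return {
        "size": len(data),
        "hashes": file_hashes(data),
        "entropy": round(shannon_entropy(data), 2),
        "packed": looks_packed(data),
        "strings": strings,
        "indicators": extract_indicators(strings),
    }


# Constructed sample 1: an "unpacked" file, a fake MZ header plus readable text
# with an import name, a URL and an IP (documentation ranges, not real infrastructure).
PLAIN_SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 60
    + b"This program cannot be run in DOS mode.\x00"
    + b"kernel32.dll\x00CreateRemoteThread\x00"
    + b"http://update.example.test/gate.php\x00"
    + b"198.51.100.23\x00"
)

# Constructed sample 2: the same header followed by 4 KiB of seeded pseudo-random
# bytes, standing in for a packed or encrypted section.
_rng = random.Random(1337)
PACKED_SAMPLE = b"MZ\x90\x00" + bytes(_rng.getrandbits(8) for _ in range(4096))


if __name__ == "__main__":
    for name, sample in (("plain.bin", PLAIN_SAMPLE), ("packed.bin", PACKED_SAMPLE)):
        report = triage(sample)
        print(f"{name}: size={report['size']} sha256={report['hashes']['sha256']}")
        print(f"  entropy={report['entropy']} packed={report['packed']}")
        print(f"  indicators={report['indicators']}")
```

Entropy alone does not prove packing (a resource section holding a compressed image also scores high), so in the lab this heuristic is paired with section-level inspection in a PE viewer; the hashes are what you take to the online file analysis and reputation sites covered under Open Source Research.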

Framework Connections