With increasing geopolitical tension and the high reputational and financial risks associated with potential compromises, malware analysis is in ever greater demand. While behavioral analysis can in some cases give a basic understanding of malware capabilities, at best it shows only part of the picture. In this course, we follow a comprehensive approach: we cover the fundamental prerequisites before diving deep into all the nuances of static and dynamic analysis of various types of Windows executables operating in user mode, so that the analysis can be done fast and efficiently with nothing missed. Throughout the course, we work with real malware samples of varying complexity.
Training level: Basic; Intermediate; Advanced
From zero to hero with no shortcuts: start dissecting malware like a pro!
Day 1: Fundamentals: x86 platform & Windows executables
Day 2: Level up: unpacking & decryption
Day 3: Beyond assembly: VB & .NET-based threats
The course is designed to suit all levels of expertise, from complete beginners to mature reverse engineers who want to level up and fill in potential gaps in their knowledge. Some prior knowledge of informatics, C programming, or reverse engineering will help speed up the process but is not obligatory.
Students who want to enter the cybersecurity field, malware analysts, SOC analysts, incident responders, or anyone who is interested in malware analysis.
A virtual machine set up to analyze malware safely, with all the required software pre-installed.
By the end of the course, you should become able to confidently analyze various types of Windows executables of pretty much any level of complexity.
Because the course lasts only 3 days, we won't be able to cover absolutely all aspects of Windows malware. Topics such as script- or macro-based malware, exploits, kernel-mode threats, and more advanced subjects like process injection or anti-RE techniques are out of scope and will be the subject of future courses.
Alexey Kleymenov is a malware analyst and a software engineer with 14+ years of practical reverse engineering experience at several international antivirus companies. He took part in numerous e-crime and targeted attack-related investigations, and developed various systems to perform threat intelligence across both the traditional PC environment and the emerging IoT and OT areas. Alexey is a member of the ISC2 organization holding the CISSP certification and authored several patents in these fields. Finally, he is the author of the "Mastering Malware Analysis" book and the founder of the "Reverse Engineering and More" project, which teaches people how to perform malware analysis.