The Malware Analysis course is a 100-level course. While intermediate topics and course material will be discussed, it is wholly designed for students interested in Basic Malware Analysis Techniques. Lunarline’s 3-day hands-on course will provide students with demos and lessons on basic/static analysis methodologies, conducting open source research online, and real-life examples of malware capabilities and characteristics. Students will have guided instruction and practice handling and collecting malware samples, responding to infected systems, and extended practice using current malware analysis tools and methods. Each lab builds upon the next, allowing for guided instruction.
- Administrivia (Course Overview, Bathrooms, Breaks)
- Instructor and Student Introductions
- Malware Analysis Methodology
- How to Conduct Open Source Research
- How to Identify Malware
- Determining the Threat Level of Malware
- Capabilities and Characteristics of Malware
In the course, students will learn:
- Malware Classification
- Target Types
- Infection Phases
- Methods of Infection
- Common Malware Behavior
- Malware Removal Techniques
- The 4 Main Analysis Techniques
- Common System and Networking Tools
- Debugging / De-obfuscation
- Overview of Windows System Internals (DLLs, Kernel Hooks, etc.)
- Reverse-engineering Concepts
- Volatile Data Collection
- Non-volatile Data Collection
- Examining Indicators of a Malware Infection/File Profiling
- Memory Analysis
- Network Packet Analysis/File & Object Carving From Network Traffic
- Online File Analysis/Reputation Sites
- Malware Sample Sites
- IP/Domain lookups
- Overview of capabilities
- Understanding PCAP files
- Wireshark filtering
- Tips and tricks
This class is intended for individuals with basic and intermediate knowledge of information systems and systems security.
Course includes the following takeaway items:
- A student instruction book, selected movie clips, and handouts of relevant articles.
- A CD with tools and other useful reference items introduced in the course.
- Access to the learning portal where students will be able to download the current and latest tools available on the internet after completing the course.
Every student participating will receive a certificate of successful participation in this course, which will allow you to claim hours of Continuous Professional Experience for your existing certifications.
Continuing Professional Education Units (CPEUs) Earned (hours): 24