Malware Reverse Engineering?
What has become accepted as “malware reverse engineering training” involves full-spectrum analysis of malicious code both dynamically (run-time) and statically (disassembly). For “run-time” analysis, this means you put the malware on a virtual machine and run a packet sniffer (like Wireshark), a registry monitor (like RegShot), a file monitor (like CaptureBat) and a process monitor (like Process Explorer and Process Monitor). Debugging involves looking at the malware in a disassembler (like IDA Pro). The goal is to understand the code and its behavior in order to find the functionality and/or obfuscation methods within the malicious binary.
The goal of our malware analysis and reverse engineering training class is to provide a methodical hands-on approach to reverse-engineering by covering both behavioral and code analysis aspects of the analytical process. We will also give ample time in practical labs that focus on specific malware reverse engineering concepts.
This course was created to fill a need in the community to expand both awareness and knowledge of malware. Cyber actors continue to develop and deploy complex malware to target nearly every industry, and it is imperative that analysts be educated to analyze these samples and employ the techniques to help mitigate these threats.
We recommend that individuals have a Certified Ethical Hacker certification, similar professional experience, or have completed the CEH training course, to be most successful in this training. Although this course features advanced concepts, our hands-on training structure makes it easy to learn. Even those with limited exposure to programming or incident response will find little difficulty in grasping course content. This is the beginning of a new era in malware reverse engineering training that enables anyone to obtain superior reverse engineering skills.
- Cybersecurity Analyst
- IT Compliance Analyst
- Malware Prevention Analyst
- Incident Response Analyst
Skills and Concepts:
Malware Reverse Engineering (MRE) is a 5-day hands-on workshop with a sole focus on malicious code analysis. In this course you will learn and perform both dynamic and static analysis on all major file types (PE files, PDF docs, Office docs, etc.). You’ll learn how to carve malicious executables from documents, unpack malicious binaries and recognize common malware tactics.
- Tools & Techniques for “Run-Time” Analysis
- Crash-Course in x86 Assembly
- Basic Static Analysis
- Network Traffic Analysis
- Debugging & Disassembling Malicious Binaries