Cyber Security Trainings | Solution Deployment | SOC Services | Project Management
In this course, attendees will learn how to analyse a piece of malware. The course explores some of the advanced malware analysis tools and techniques in depth. It is specially designed for forensic investigators, incident responders, and security engineers who perform live forensics and investigations during an incident response process. It will help these professionals acquire the knowledge and skills needed to examine malicious programs that target and infect various systems.
This course will teach the attendees how to build an isolated, controlled environment to safely analyse the behaviour of a malicious program.
This course also leverages disassemblers and debuggers to analyse the inner workings of malicious processes.
This course will teach how to derive various IOCs from malicious programs and use them to perform threat hunting and detect lateral movement.
Day 1:
During the first day, the attendees will learn how to safely execute suspicious code in a controlled environment, along with the most important security precautions. They will learn how to perform basic static, behavioural, network and automatic analyses: what tools can be used, what to look for, and what can be found. They will have the opportunity to use various popular tools during the analyses and decide which tools are best suited for different types of analysis. The day also presents common malicious software behaviours and patterns, which can later be used to create proper signatures.
Sending a sample for analysis
Detecting packers and protectors
Strings extraction and analysis
PE structure and headers analysis
Import table analysis
PE resources analysis
Searching for embedded objects
Executing malware sample
Process Explorer analysis
Regshot analysis
Process Monitor analysis
Searching for Rootkit artifacts
Day 2:
During this day, the attendees will learn the fundamentals of advanced static analysis. They will have the opportunity to disassemble live malware samples with the help of the IDA disassembler to determine their functionality and gain additional knowledge of how malicious code works. During the first part of the day, the attendees will be introduced to the IDA disassembler, which is currently the most widely used disassembler. They will learn how to navigate through the code, use different views and functions, and enhance and comment disassembled code. During the later part of the day, they will learn how to find key parts of the code and how to analyse disassembled functions. Finally, they will learn basic anti-disassembly techniques.
Opening and Closing samples
IDA Pro interface
Disassembly view
Basic Navigation
Functions
Enhancing assembly code
Day 3:
During this day, the attendees will learn practical elements of advanced dynamic analysis and debugging of malicious code. Using a debugger to analyse artifacts helps the attendees understand how the malicious code operates and gives them more detail than behavioural analysis. If the original sample is packed, the attendees will first unpack it with the help of a debugger, if necessary, before proceeding with the static analysis.
Basic Debugging and Code Navigation
Breakpoints
Execution Flow Manipulation
Plugins
Packers and protectors
Unpacking UPX packed samples
Unpacking Dyre samples
Malware Reverse Engineering is a very advanced level training that covers some of the advanced tools for analyzing and reverse engineering malware at the code level. All attendees must have a general idea of core programming concepts such as variables, loops, and functions in order to quickly grasp the relevant concepts in this area; however, no programming experience is necessary.
It is highly recommended that all the attendees should bring their own laptop with the following Software/Hardware requirements: