Malware Analysis
Malware, short for malicious software, is designed to infiltrate computer systems and wreak havoc on the operating system, network or application. Most systems contain bugs, or loopholes, which may be exploited by malware. Malware includes computer viruses, worms, Trojans, adware, spyware, backdoors, crimeware, most rootkits, and other malicious and unwanted software.

A significant percentage of today's malware is intended to allow crimes to be committed against its victims. In many cases, the crimes are aimed at specific organizations or industry groups.

About the Workshop

Almost every incident response involves some trojan, backdoor, virus component, or rootkit. Security specialists must be able to analyze the malware rapidly and understand its functionality; without this, remediation efforts usually fail to meet expectations.

This workshop teaches how to reverse engineer malicious programs using a variety of system and network monitoring utilities, a disassembler, a debugger, and other tools, covering both the behavioral and code aspects of the analysis. This process helps in assessing the event's scope, severity, and repercussions. It also assists in containing the incident and in planning recovery steps.

Workshop Benefits

This workshop provides an introduction to the tools and methodologies used to perform dynamic (behavioral) and static (code) analysis on portable executable programs.

The workshop covers various aspects of malware analysis, helping participants understand how to:

  • Set up an inexpensive and flexible laboratory for understanding how malicious software works
  • Examine the program's behavioral patterns and code by experimenting with reverse-engineering compiled Windows executables and browser-based malware
  • Examine malicious code to understand the program's key components and execution flow
  • Identify common malware characteristics by looking at Windows API use patterns
  • Examine excerpts from bots, rootkits, keyloggers, and downloaders
  • Work with PE headers and handle DLL interactions
  • Use tools and techniques for bypassing anti-analysis capabilities of armored malware
  • Experiment with packed executables and obfuscated browser scripts

The entire workshop is driven by hands-on exercises.

Who should attend?

This workshop will significantly benefit professionals responsible for handling computer security-related incidents.

  • IS / IT Specialist / Analyst / Manager
  • IS / IT Auditor / Consultant
  • IT Operations Manager
  • Security Specialist / Analyst
  • Security Manager / Architect
  • Security Consultant / Professional
  • Security Officer / Engineer
  • Security Administrator
  • Security Auditor
  • Network Specialist / Analyst
  • Network Manager / Architect
  • Network Consultant / Professional
  • Network Administrator
  • Senior Systems Engineer
  • Systems Analyst
  • Systems Administrator
  • Malware Analyst
  • Incident Response Specialist / Manager
  • Computer Forensic Investigators

Anyone aspiring to perform dynamic (behavioral) and static (code) analysis of malware would benefit from this workshop.

Workshop Contents

  • Introduction to Malware
  • Classification of Malware
  • Introduction to Windows Architecture and Assembly Language
  • Working with PE headers of malicious Windows executables
  • Dynamic Malware Analysis
  • Static Malware Analysis
  • Introduction to Disassembler
  • Anti-Reversing Techniques
  • Vulnerabilities and Exploits
  • How to clean the infected box
  • Practical Sessions