Facebook-f Twitter Youtube Linkedin
Cart

A PRACTICAL APPROACH TO MALWARE ANALYSIS, HUNTING AND MEMORY FORENSICS

$3,299.00

REGISTER

Duration

3 days

Delivery Method

virtual

Level

beginner

Seats Available

20

Duration

3 days

Delivery Method

virtual

Level

beginner

Class mode: VIRTUAL LIVE STREAMĀ 

Ask us about upcoming dates!

 

This hands-on training teaches concepts, techniques and tools to understand the behavior and characteristics of malware by combining two powerful techniques, malware analysis and memory forensics.

Malware analysis and memory forensics are powerful analysis and investigative techniques used in reverse engineering, digital forensics and incident response. Adversaries are becoming more sophisticated and carrying out advanced malware attacks on critical infrastructures, Data Centers, private and public organizations. This makes detecting, responding and investigating such intrusions increasingly critical for information security professionals. Malware analysis and memory forensics have become a must-have skill for fighting advanced malwares, targeted attacks and security breaches.

This course will introduce attendees to basics of malware analysis,reverse engineering, Windows internals and memory forensics. It will then gradually progress deeper into more advanced concepts of memory forensics.

This course uses hands-on labs using real world malware samples and infected memory images (Crimewares, APT malwares, Rootkits etc) to help attendees gain better understanding of the subject. The training also shows how these techniques can be incorporated in a sandbox to automate malware analysis. After taking this course attendees will be equipped with skill to analyze, investigate and respond to malware related incidents.

Students will be provided with:

– Course material
– Lab solution material
– Videos used in the course
– Malware samples used in the course/labs
– Memory Images used in the course/labs
– Custom Scripts
– Linux VM (to be opened with VMware Workstation/Fusion) containing necessary tools and samples

Why You Should Take This Course

TBA

Who Should Attend

This course is intended for anyone interested in learning malware analysis and memory forensics. This includes:
  • forensic practitioners
  • incident responders
  • cyber security investigators
  • malware analysts
  • system administrators
  • software developers
  • students and
  • curious security professionals new to this field

Key Learning Objectives

  • How malware and Windows internals work

  • How to create a safe and isolated lab environment for malware analysis

  • What are the techniques and tools to perform malware anlaysis

  • How to perform static analysis to determine the metadata associated with malware

  • How to perform dynamic analysis of the malware to determine its interaction with process,filesystem, registry and network

  • How to perform code analysis to determine the malware functionality

  • How to debug a malware using tools like IDA pro, Ollydbg/Immunity debugger

  • What is Memory Forensics and its use in malware and digital investigation

  • Ability to acquire a memory image from suspect/infected systems

  • How to use open source advanced memory forensics framework (Volatility)

  • Understanding of the techniques used by the malwares to hide from Live forensic tools

  • Understanding of the techniques used by Rootkits(code injection, hooking etc)

  • Investigative steps for detecting stealth and advanced malware

  • How memory forensics helps in malware analysis and reverse engineering

  • How to incorporate malware analysis and memory forensics in sandbox

  • How to determine the network and host based indicators (IOC)

  • Techniques to Hunt Malwares

    • Prerequisite Knowledge

    The course assumes no prior knowledge of the subject and starts from the basics and slowly progresses towards advanced topics. – Students Should be familiar with using Windows/Linux – Students Should have an understanding of programming concepts, while programming experience is not mandatory. – Students Should have basic understanding of malware and its role in cyber attacks

    Hardware / Software Requirements

    – Laptop with minimum 4GB RAM and 30GB free hard disk space – Laptop with USB ports, lab samples and custom Linux VM will be shared via usb sticks – VMware Workstation or VMware Fusion (even trial versions can be used). – Windows Operating system (preferably Windows 10) installed inside the VMware Workstation/Fusion

    Your Instructor

    No data was found

    HACK IN THE BOX LIMITED

    Masdar City, United Arab Emirates