Introduction to Malware Analysis
Coursalytics is an independent platform to find, compare, and book executive courses. Coursalytics is not endorsed by, sponsored by, or otherwise affiliated with Georgia Tech Professional Education.Full disclaimer.
Malware is a growing threat to the information and intellectual property of organizations. This introductory course will provide a foundational understanding of malicious software, how malware has shaped the global cybersecurity landscape, and malware's future impact. Discussions and hands-on exercises will demonstrate malware analysis processes and their complexities, as well as illustrate how to appropriately size, design, and build an analytical capability best suited for your organization. You will prepare an analysis test-bed and analyze multiple malware samples. Explore advanced techniques and tools, including data exfiltration and stealthy operation, to understand the tactics of malware authors.
What You Will Learn
- Malware overview
- Analysis environment creation
- Static analysis
- Dynamic analysis
- Memory analysis
How You Will Benefit
- Develop foundational knowledge of malicious software, including its forms, traits, author motivations, and impacts.
- Identify, discuss, and practice sound malware analysis processes.
- Conduct analysis on multiple malware samples using modern disassembly, debugging, and analysis tools.
- Determine how to build an analytical capability to fit your organization, considering resource limitation and best practices.
- Discover black hat exploitation techniques, obfuscation techniques, and indicators of compromise.
- Delivery mechanisms
- Obfuscation techniques
ANALYSIS ENVIRONMENT CREATION
- Maintaining anonymity
- Assembly language overview/review
- Reverse engineering
- Analyzing with a disassembler
- Using static tools for analysis (hashes, strings, libraries)
- Analyzing with a debugger
- Monitoring processes and registry changes
- Analyzing network traffic
- Memory dumps
- Identifying suspicious indicators
Who should attend
This course is designed for information assurance officers (IAOs) and managers (IAMs), information security professionals charged with threat detection and incident response, and IT professionals seeking a greater understanding of potential malware threats and exploitation techniques. Familiarity with programming is assumed.