Intermediate Malware Analysis
Equipped with the behavioral Malware Analysis knowledge from the Basic Malware Analysis course,
you're ready to venture into more advanced malware topics by attending the Intermediate
Malware Analysis course. During this five-day course we'll show you how to do Static Malware Analysis
through a debugger. Since looking at assembly code in a debugger can be frustrating and
almost impossible without a previous understanding of programming fundamentals and compiler operations, we
require that students who attend this course have Assembly language knowledge or have completed
our Assembly Basics and C Programming course. With a previous understanding of Assembly language and
programming, you'll be able to focus in this course on how to do static malware analysis with confidence
and clarity.
During the week of instruction, we introduce you to the OllyDbg Debugger. OllyDbg is the popular
choice amongst Reverse Engineers and Malware Analysts worldwide. Through controlled evaluation
using the debugger, we'll teach you how to identify exactly what the malware specimen does
and how it does it. After you've mastered the evaluation portion of the class, we'll
teach you how to patch the specimen to make it inactive or crack the program to allow full access
to areas that have been hidden or encrypted by the malware developer. Students who attend this class
will graduate with the following intermediate malware analysis skills:
+ Assembly language debugging fundamentals including:
  - Conversion methodology from source code to assembly code
  - Intel CPU memory management and structures
  - CPU control flows and order of operations
+ Olly Debugger including:
  - Tool overview
  - Stepping, Stepping Over and Running code
  - Useful Plug-ins and Add-ons
  - Breakpoint fundamentals and usage
  - Patching and assembling executables
  - Decrypting and decoding packed executables
Prerequisites:
+ Completion of Basic Malware Analysis course (required)
+ Completion of Assembly Basics and C Programming or Intel Assembly Language skills (required)
+ A strong understanding of Operating Systems is encouraged (see our Operating System Fundamentals course)
+ Basic scripting language is recommended (see our Computer Programming Fundamentals course)
Course Information:
5 days, M-F, 40 hours. A certificate of completion will be given at the end of the course.
Each student will be provided with a preconfigured laptop with all course training software.
A Course CD will also be provided with all the tools at the end of the course.
Call us today for pricing and enrollment!