Description
Windows Malware Analysis for Hedgehogs Course – Beginner Training. This course teaches more than reverse engineering because as a malware analyst you need different skills. You will learn how to classify samples into malware types, how to identify malware families, and how to determine file rulings such as clean, malicious, unwanted, unwanted, gray, or corrupt programs. Additionally, you’ll learn how malware persists, how to identify malicious autostart entries, and how to clean infected systems. This course aims to dispel common myths such as “Trojan in a detection name means the file is a Trojan horse” or “Antivirus detection names are a classification of malware”. As an experienced malware analyst working in an antivirus company since 2015, I have trained many beginners in this field. I understand the common problems and the concepts you need to understand to be proficient. Rather than providing shortcuts with step-by-step recipes, I focus on building a solid foundation that makes you flexible in the face of new malware developments. I will teach you how to distinguish between different types of files including installers, packages, packaged files, non-packaged files, composite files, and natively compiled files. You will learn what tools to use in what situations and how to analyze samples effectively. To do this, I will give you examples of methods that work for most situations. This course is ideal for you if you already have an IT background, such as hobbyists or professional programmers, computer enthusiasts, managers, computer science students, or gamers interested in the inner workings of software or IT security. If you have a strong interest in this topic but do not have the necessary IT background, I recommend that you learn programming first.
Tools: All the tools and web services we use during the course are free:
- x64dbg
- VirtualBox
- SysInternals collection
- PortexAnalyzer CLI and GUI
- VirusTotal (no account)
- Speakeasy by Mandiant
- API monitor
- CyberChef
- EXIFTool
- melt
- VBinDiff
- PESig analysis
- DnSpy
- C# Online Compiler programwiz
- TriD
- Easy to recognize
- ReNamer
- 7zip
- Notepad++
- HxD
- Malpedia
- lnk_parser
requirements
You must understand at least one programming language such as Python, C, C++, Java or C#. This is a critical requirement for the course, not only because we create small scripts throughout the course, but also because reverse engineering requires an understanding of software as a foundation. The specific language doesn’t matter, because you can’t learn every language you might encounter during analysis anyway. Although the programming concepts should be clear. If you’re not there yet, you shouldn’t buy this course and start learning C instead. C is great because it is low level and integrates well with x86 assembly language. Additionally, you must be able to read (not write) x86 assembly to understand everything in the course. Without assembly you will only understand two thirds of the content. So if you think to start this course right away and learn assembly on the side, it works well. During this course we will look at examples that use the following execution environments:
- x86, x64 assembly
- .Pure
- Batch
- PowerShell
- Nullsoft scripts
However, you don’t need to learn all of these languages. Since an analyst is exposed to new languages all the time, your skills are mostly in using the documentation, manuals, and help provided for those environments and languages. I also show you during the course how to use the documentation for the PowerShell example.
Out of scope: Malware analysis is a broad field, so inevitably there are topics I won’t teach in this course because they’d rather have their own course. Some of these topics include: assembly language, programming, how computers work, URL and website analysis, networks, malware analysis for platforms other than Windows, mobile malware, Internet of Things malware.
What you will learn in Windows Malware Analysis for Hedgehogs – Beginner Training course
-
Triage and reverse engineering of potentially malicious samples
-
Determine whether a file is malicious, clean, potentially junk, gray, corrupt, or junk
-
Write a malware report
-
Learn about common types of malware and how to identify them
-
Learn how and when to use parsers, debuggers, metadata viewers
-
Identify the malware family
-
Windows internals are essential for malware analysis, for example, the Windows Registry
-
Types of packaging, identification, principles of unpacking
-
Analysis of executable files, installers, wrappers, native scripts and .NET
This course is suitable for people who
- Ideal for people with IT experience or IT enthusiasts who are new to malware analysis and reverse engineering.
- Entry level or aspiring malware analysts
- Computer science graduates
- Software developers
- SOC analysts
- Entertainment programmers
Windows Malware Analysis for Hedgehogs – Beginner Training course specifications
- Publisher: Udemy
- teacher: Karsten Hahn
- Training level: beginner to advanced
- Training duration: 11 hours and 35 minutes
- Number of courses: 112
Course topics on 11/2023
Windows Malware Analysis for Hedgehogs – Beginner Training course prerequisites
- You know how to program in at least one language (eg Python, C, C#, Java, …)
- You are able to read x86 assembly
Course images
Sample video of the course
Installation guide
After Extract, view with your favorite Player.
English subtitle
Quality: 720p
download link
File(s) password: www.downloadly.ir
Size
6.1 GB
Be the first to comment