Almost every Incident Response involves some Trojan, back door, virus component, or rootkit. Incident Responders must be able to perform rapid analysis on the malware encountered in an effort to determine the purpose of unknown code. MANDIANT's malware analysis courses provide students with in-class demonstrations, exercises where the students follow along with the instructor, and labs where the students practice what they have learned on their own.
Without understanding the function of the malware, remediation efforts usually fail to meet expectations. This course provides an introduction to the tools and methodologies used to perform dynamic and static analysis on portable executable programs found on Windows systems.
Students will learn:
The malware author’s evil job is to develop software that can collect and return data, run undetected, frustrate reverse-engineering efforts, and make detection almost impossible. This course builds on the material presented in the Introduction to Malware Analysis course and focuses on three topic areas that are key to successful malware reverse engineering: disassembly, debugging, and Windows internals.
Students will learn:
Many malware authors take deliberate steps to thwart the reverse engineering of their tools. Students will learn to combat sophisticated malware head-on by studying its anti-analysis techniques. This course focuses on advanced topic areas related to combating malware defense mechanisms. As such, a practiced and robust malware analysis skill set is required. Before learning specific malware anti-analysis techniques, students will arm themselves with critical skills by learning to script IDA Pro and various debuggers to overcome challenging or repetitive tasks. Students will learn detailed information about defeating packed and armored executables and be challenged to defeat several difficult specimens throughout the course. Malware stealth techniques such as process injection and rootkit technology will be introduced, and tools and methodologies will be presented to aid analysis of such techniques.
Students will learn:
Think you are ready for a fire hose blasting the art of Malware Analysis into your brain? Our Malware Analysis Crash Course is just the class for you. In two days of intense instruction, students will be led on a fast-paced journey that covers the art of malware analysis. If this class were a car, we would be saying prepare to go from “zero to sixty” in the blink of an eye.
Students will learn:
This course spans both introductory and intermediate malware analysis techniques. It is targeted at individuals and organizations that want an intense, yet nicely paced class that will help transform students new to malware analysis into investigators with a solid skill set. Instruction will focus on tools and methodologies used to perform dynamic and static analysis of portable executable programs found on Windows systems.
Students will learn:
Contact education@mandiant.com to find out where our award-winning courses are being offered or to set up a private class.