3-DAY TRAINING 2: Modern Malware Warfare: Basics, Delivery, and Advanced Analysis


CAPACITY: 30 pax


EUR2599 (early bird)

EUR2999 (normal)

Early bird registration rate ends on the 12th of January


Dive deep into real world malware events.  Tear them apart.  Unwrap the layers of obfuscation.  Find the exploit.  Protect your network.  Explore exploits kits and ransomware.  Join the fun and make the world a little safer.

This course is designed to take you deep into all stages of a malware attack – from delivery to the final payload.  You will learn the tools and techniques necessary to perform exhaustive analysis on modern malware.

Who Should Attend

Anyone wishing to dig into malware on a deeper level

Key Learning Objectives

How to pull real-world malware apart.

Preequisite Knowledge

None- but some background in programming and architecture will be helpful.

Hardware / Software Requirements

Bring a laptop with VMware Workstation, Player, or Fusion installed. Be sure you have plenty of RAM and Disk space to run the supplied VM.


DAY 1 – Performing Malware Analysis

  • Performing open source intelligence gathering – strings, hashes and VirusTotal

  • Static and Dynamic analysis: monitoring tools, sandboxes, parsing tools and more

  • Understanding delivery mechanisms: Office documents, JavaScript attachments and the use of social media

  • Digging into Exploit Kits: Anatomy of a server compromise and the initial stages of an attack

  • Using Next-Gen Security Tools, like Bromium

DAY 2 – Distribution Methods and Exploit Kits

  • Unraveling Exploit Kit obfuscation – digging deeper into EK infrastructure

  • Finding the exploit – analyzing malicious browser plugins

  • Analyzing the exploit

  • Advanced malware analysis – leveraging debuggers and IDA Pro to enhance analysis

  • Identifying packing and other code obfuscation techniques

DAY 3 – Advanced Analysis Techniques

  • Malware use of Shellcode – extracting and analyzing

  • Anti-Analysis techniques and how to defeat them

  • Malware Persistence

  • Analyzing other file formats – looking at executables that utilize byte-code

  • Detecting EKs in the Wild – techniques for detection and prevention

  • Gathering Indicators of Compromise – Making the world a safer place!

Location: Training Rooms Date: April 9, 2018 Time: 9:00 am - 6:00 pm Dr. Jared DeMott Josh Stroschein