Early bird registration rate ends on the 1st of September
Dive deep into real-world malware events. Tear them apart. Unwrap the layers of obfuscation. Find the exploit. Protect your network. Explore exploit kits and ransomware. Join the fun and make the world a little safer.
This course is designed to take you deep into all stages of a malware attack – from delivery to the final payload. You will learn the tools and techniques necessary to perform exhaustive analysis on modern malware.
Anyone wishing to dig into malware on a deeper level
How to pull real-world malware apart.
None, but some background in programming and architecture will be helpful.
Bring a laptop with VMware Workstation, Player, or Fusion installed. Be sure you have plenty of RAM and disk space to run the supplied VM.
DAY 1 – Performing Malware Analysis
Performing open source intelligence gathering – strings, hashes and VirusTotal
Static and Dynamic analysis: monitoring tools, sandboxes, parsing tools and more
Understanding delivery mechanisms: Office documents, JavaScript attachments and the use of social media
Digging into Exploit Kits: Anatomy of a server compromise and the initial stages of an attack
Using Next-Gen Security Tools, like Bromium
DAY 2 – Distribution Methods and Exploit Kits
Unraveling Exploit Kit obfuscation – digging deeper into EK infrastructure
Finding the exploit – analyzing malicious browser plugins
Analyzing the exploit
Advanced malware analysis – leveraging debuggers and IDA Pro to enhance analysis
Identifying packing and other code obfuscation techniques
DAY 3 – Advanced Analysis Techniques
Malware use of Shellcode – extracting and analyzing
Anti-Analysis techniques and how to defeat them
Malware Persistence
Analyzing other file formats – looking at executables that utilize byte-code
Detecting EKs in the Wild – techniques for detection and prevention