Reverse-Engineering Malware: Malware Analysis Tools and Techniques

Vendor: SANS
Pricing Model: Commercial
Modified: Never
Add'l Info: Location - Worldwide; Duration - 4 days
Rating: 2 votes
Favoured: 1

By covering both behavioral and code analysis approaches, this unique course provides a rounded approach to reverse-engineering. As a result, the course makes malware analysis accessible even to individuals with limited exposure to programming concepts. The materials do not assume that the students are familiar with reverse-engineering; however, the difficulty level of concepts and techniques increases quickly as the course progresses.

In the first half of the course, the instructor explains how to set up an inexpensive and flexible laboratory for understanding the inner workings of malware, and demonstrates the process by exploring the capabilities of real-world specimens. You will learn to examine the program's behavioral patterns and assembly code, and study techniques for bypassing common code obfuscation mechanisms. The course also takes a look at analyzing browser-based malware.

In the second half of the course, you will review key assembly language concepts. You will focus on static code analysis, learning to examine malicious code to understand its flow by identifying key logic structures and patterns, looking at examples of bots, rootkits, key loggers, and so on. You will understand how to work with PE headers and handle DLL interactions. Next, you will develop skills for analyzing self-defending malware through unpacking techniques and bypassing code-protection mechanisms. Finally, you will discover how to bypass obfuscation techniques employed by browser-based malicious scripts.

Hands-on workshop exercises are an essential aspect of this course, and allow you to apply reverse-engineering techniques by examining malicious code in a carefully controlled environment. When performing the analysis, you will study the supplied specimens' behavioral patterns, and examine key portions of their assembly code.

Reviews (1)
by Jax, January 8, 2010
Fast paced, cutting edge training. Turn your brain to maximum bandwidth and be prepared to receive some of the best vendor neutral reverse engineering training available.

Although this course is pitched toward malware, the techniques and tactics used will help you troubleshoot compatibility issues or configuration problems that we all experience every day/week/month.

This course will also benefit those moving from Level 2 to Level 3 (Advanced Analyst), aiding them in discovering/thwarting/recovering from an incident, especially if you do not have a dedicated malware team/individual.

Copyright 2004 through 2009 Computer Network Defence, Ltd.
All rights reserved