Malware Hunting and Analysis
Published by Pearson
Learn core concepts and see how to manage malicious software attacks
- Understand core malware analysis concepts
- Learn how to manage malicious software attacks
- Take part in real-world labs so you can get hands-on learning
Malware is the foundation of most cyberattacks. When computers are infected with viruses, ransomware, adware, trojans, and rootkits, cybersecurity professionals must understand how these pieces of malicious software affect the machines and organizations they infect. In this course you will gain a thorough understanding of malware analysis. The training starts with an introduction to malware analysis and then explores how to dissect and understand malicious software attacks.
This course is designed as an introduction, but it is fast-paced, hands-on, and lab-centric: expect to drink from the firehose. It introduces the world of Windows malware, mobile malware concepts, and the basics of Mac malware. More importantly, you will learn how to extract threat intelligence, indicators of compromise (IOCs), and other threat information from malware to better protect your environment.
What you’ll learn and how you can apply it
- Different types of malware, viruses, and trojans
- The differences between malware analysis, malware reverse engineering, and threat hunting
- The tools and techniques used for malware analysis
And you’ll be able to:
- Safely analyze malware
- Use network tools to track malicious command-and-control (C2) systems
- Apply basic mobile malware concepts
- Hunt for malware using malware repositories
- Extract threat intelligence from malware to protect systems
This live event is for you because...
- You have an understanding of cybersecurity fundamentals
- You are interested in cybersecurity and penetration testing (ethical hacking)
- You want to learn methodologies and best practices for performing security penetration testing assessments
Prerequisites
- Course participants should have a basic understanding of cybersecurity and networking, plus core familiarity with Microsoft Windows and Linux operating systems.
Recommended Preparation:
- Watch: Digital Forensics and Cyber Crime with Kali Linux Fundamentals by Aamir Lakhani and Joseph Muniz
- Read: Investigating the Cyber Breach: The Digital Forensics Guide for the Network Engineer by Joseph Muniz and Aamir Lakhani
- Watch: CompTIA Cybersecurity Analyst CySA+ Complete Video Course by Joseph Muniz and Aamir Lakhani
- Watch: Linux Fundamentals, 2nd Edition by Sander van Vugt
Recommended Follow-up:
- Watch: Security Penetration Testing The Art of Hacking Series LiveLessons by Omar Santos, Jon Sternstein, Ron Taylor, and Chris McCoy
- Watch: Internet of Things (IoT) and Embedded Devices - Part 1 by Aamir Lakhani
- Watch: Internet of Things (IoT) and Embedded Devices - Part 2 by Aamir Lakhani
Schedule
The time frames are only estimates and may vary according to how the class is progressing.
Section 1: Introduction to Malware Analysis (45 minutes)
- What is malware
- Types of malware
- Packers
- Analysis evasion techniques
Break / Q&A Session: 10 minutes
Section 2: Building Your Own Malware Analysis Lab (45 minutes)
- Building your own lab
- Installing applications and other tools
- Reviewing the Installation and Tools
- Installing and using FakeNet and INetSim
- Avoiding detection
Break / Q&A Session: 10 minutes
Section 3: Malware Static Analysis (60 minutes)
- Basic file information: magic numbers and other identifying metadata
- Basic static analysis
- File Identification and Strings Analysis
- Malware and traffic analysis with networking and packet captures
- Investigating Windows registry keys, scheduled tasks, and processes
- Introduction to basic debuggers on Linux
- Introduction to basic debuggers on Windows
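The first three bullets of Section 3 (magic numbers, file identification, strings analysis) are the kind of triage a practitioner scripts once and reuses. The following is an added example, not part of the course materials or the instructor's labs: it identifies a sample by magic bytes rather than extension (following e_lfanew to confirm a real PE header behind an MZ stub), pulls ASCII and UTF-16LE strings, and flags a few indicator classes. The sample bytes are a constructed, harmless stand-in for a PE file, and the signature table and API list are illustrative assumptions, not an exhaustive reference.

```python
import hashlib
import re
import struct

# Magic-number table: (offset, signature, description). Built for this example
# from well-known formats; extend it for your own triage needs.
MAGIC_SIGNATURES = [
    (0, b"\x7fELF", "ELF executable (Linux)"),
    (0, b"\xfe\xed\xfa\xce", "Mach-O 32-bit (big-endian)"),
    (0, b"\xfe\xed\xfa\xcf", "Mach-O 64-bit (big-endian)"),
    (0, b"\xcf\xfa\xed\xfe", "Mach-O 64-bit (little-endian)"),
    (0, b"\xca\xfe\xba\xbe", "Mach-O universal binary / Java class"),
    (0, b"PK\x03\x04", "ZIP container (also APK, JAR, Office OOXML)"),
    (0, b"%PDF", "PDF document"),
    (0, b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "OLE2 compound file (legacy Office, MSI)"),
]

# Illustrative indicator patterns (assumption: a small starter list, not a complete one).
INTERESTING = {
    "url": re.compile(r"https?://[^\s\"'<>]+"),
    "ipv4": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "win_api": re.compile(
        r"\b(?:CreateRemoteThread|VirtualAllocEx|WriteProcessMemory|WinExec"
        r"|ShellExecute\w*|URLDownloadToFile\w*|RegSetValue\w*|IsDebuggerPresent)\b"
    ),
}


def identify_file_type(data: bytes) -> str:
    """Identify a sample by magic bytes, never by its extension."""
    # "MZ" alone only proves a DOS stub; follow e_lfanew (offset 0x3C) and
    # confirm "PE\0\0" before calling it a Windows executable.
    if data[:2] == b"MZ":
        if len(data) >= 0x40:
            e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
            if data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00":
                return "Windows PE executable"
        return "DOS MZ stub without valid PE header (possibly truncated/corrupt)"
    for offset, magic, desc in MAGIC_SIGNATURES:
        if data[offset:offset + len(magic)] == magic:
            return desc
    return "unknown"


def extract_strings(data: bytes, min_len: int = 4):
    """Return (ascii_strings, wide_strings): printable runs of at least min_len chars.
    Wide strings are UTF-16LE, which plain ASCII 'strings' misses on Windows samples."""
    ascii_re = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    wide_re = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    ascii_strings = [m.group().decode("ascii") for m in ascii_re.finditer(data)]
    wide_strings = [m.group().decode("utf-16le") for m in wide_re.finditer(data)]
    return ascii_strings, wide_strings


def find_indicators(strings):
    """Group unique matches of each INTERESTING pattern, preserving first-seen order."""
    hits = {name: [] for name in INTERESTING}
    for s in strings:
        for name, rx in INTERESTING.items():
            for m in rx.finditer(s):
                if m.group() not in hits[name]:
                    hits[name].append(m.group())
    return hits


def triage(data: bytes) -> dict:
    """Basic static triage record: hash, size, type, strings and indicators."""
    ascii_s, wide_s = extract_strings(data)
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "size": len(data),
        "type": identify_file_type(data),
        "ascii_strings": ascii_s,
        "wide_strings": wide_s,
        "indicators": find_indicators(ascii_s + wide_s),
    }


def build_sample() -> bytes:
    """Constructed stand-in for a PE sample (not real malware): MZ stub, e_lfanew
    pointing at 'PE\\0\\0', then strings of the kind strings analysis surfaces."""
    header = bytearray(b"MZ" + b"\x00" * 0x3E)      # 0x40 bytes of DOS stub
    struct.pack_into("<I", header, 0x3C, 0x40)       # e_lfanew -> PE header at 0x40
    body = (b"PE\x00\x00" + b"\x00" * 20
            + b"http://c2.example.invalid/beacon\x00"
            + b"CreateRemoteThread\x00"
            + b"10.0.0.5:4444\x00\x00"                # double NUL so the wide scan cannot bleed in
            + "cmd.exe /c whoami".encode("utf-16le") + b"\x00\x00")
    return bytes(header) + body


if __name__ == "__main__":
    report = triage(build_sample())
    for key in ("sha256", "size", "type", "indicators"):
        print(f"{key}: {report[key]}")
```

Run it against a real sample only inside the isolated lab from Section 2 (snapshot the VM first). Strings found this way are easy wins on unpacked samples; on packed ones (Section 1, Section 4) they mostly disappear until you unpack, which is itself a useful signal.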
Break / Q&A Session: 15 minutes
Section 4: Malware Dynamic Analysis (60 minutes)
- Introduction to dynamic analysis
- Identifying and unpacking malware
- Writing your own YARA rules to hunt for malware
- Threat hunting with malware repositories
- Malware sandboxes
Section 5: Mac and Mobile Malware (45 minutes)
- A quick word on Mac Malware
- A quick word on Mobile Malware
- Precautions: don't infect yourself
- Final wrap-up
Section 6: Final Wrap-Up (15 minutes)
- Review
- Next steps to further your education
- Goodbye
Your Instructor
Aamir Lakhani
Aamir Lakhani is a leading senior security strategist. He is responsible for providing IT security solutions to major enterprises and government organizations.
Mr. Lakhani creates technical security strategies and leads security implementation projects for Fortune 500 companies. Industries of focus include healthcare providers, educational institutions, financial institutions, and government organizations. Aamir has designed offensive counter-defense measures for the Department of Defense and national intelligence agencies. He has also assisted organizations with safeguarding IT and physical environments from attacks perpetrated by underground cybercriminal groups. Mr. Lakhani is considered an industry leader in creating detailed security architectures within complex computing environments. His areas of expertise include cyber defense, mobile application threats, malware management, Advanced Persistent Threat (APT) research, and investigations relating to the Internet's dark security movement. He is the author of or contributor to several books, and has appeared on FOX Business News, National Public Radio, and other media outlets as an expert on cybersecurity.
Writing under the pseudonym Dr. Chaos, Mr. Lakhani also operates the popular security social media blog which is hosted at DrChaos.com. In its recent list of 46 Federal Technology Experts to Follow on Twitter, Forbes magazine described Aamir Lakhani as “a blogger, InfoSec specialist, super hero…and all around good guy.”