Казахстан, г. Алматы, ул. Шевченко 90, БЦ «Каратал», офис 53
Казахстан, г. Астана, ул. Иманова 19, БЦ Деловой Дом "Алма-Ата", офис 612

Даты проведения курса

Выберите удобное для вас число,
запишитесь на курс, заполнив простую форму

город: Астана
28.06.2024 Подтвержден
записаться на курс
направление: Reverse Engineering кол-во дней: 5
кол-во часов: 40
код курса: RE

Course is dedicated for software and security engineers who are willing to learn byte-level work with the malicious programs, also known as malware. How to analyze them, reverse engineering in a safe environment.


RE - reverse engineering


- C, Go, Python parogramming

- Terminal/CMD expertise

- Laptop with equal or stronger specifications: Intel core i3-8xxx, 8GB RAM, 60GB free space.


1. Malware analysis. Intro

Malware world. Static and dynamic analysis. VirusTotal. Safe environment. Debugging & analysis tools. SysInternals.

2. Stage 1 loaders RE. Macros analysis (docx, dotm, xls)

Introduction for malwares which load the executable payload (PE exe programs) upon the event, called Stage 1 loaders. Obfuscation. Simple VisualBasic macros for MS Word, Excel documents.

3. Stage 2 loaders RE.

Further analysis of loaded PE exe programs’ behavior on target system. Packing/Unpacking. Persistence on the system.

4. Process injection. DLL, PE

Once the malware’s executable payload is on the system, what are the mechanisms of taking over the system via significant processes?

5. Process injection. Pt 2

Advanced process injection mechanisms’ analysis like Windows API hooking of malware payload

6. Anti-analysis mechanisms in Malware

How can malware protect itself from analysis?

7. Anti-analysis mechanisms in Malware. Pt 2. Persistence

How can malware protect itself from being removed and assure the persistence on the target system?

Malware internals.

Worms, spyware.