Kazakhstan, Almaty, 90 Shevchenko St., Karatal Business Center, office 53
Kazakhstan, Astana, 19 Imanov St., Alma-Ata Business House Business Center, office 612

Course dates


City: Astana
24.06.2024 - 28.06.2024 (Confirmed)
Track: Reverse Engineering
Number of days: 5
Number of hours: 40
Course code: RE

This course is intended for software and security engineers who want to learn byte-level work with malicious programs, also known as malware: how to analyze and reverse engineer them in a safe environment.

Glossary:

RE - reverse engineering

Pre-requisites:

- C, Go, Python programming

- Terminal/CMD expertise

- Laptop with specifications equal to or better than: Intel Core i3-8xxx, 8 GB RAM, 60 GB free space.

 

1. Malware analysis. Intro

Malware world. Static and dynamic analysis. VirusTotal. Safe environment. Debugging & analysis tools. SysInternals.

2. Stage 1 loaders RE. Macro analysis (docx, dotm, xls)

Introduction to malware that loads an executable payload (PE exe programs) upon an event, known as Stage 1 loaders. Obfuscation. Simple Visual Basic macros for MS Word and Excel documents.

3. Stage 2 loaders RE.

Further analysis of the behavior of loaded PE exe programs on the target system. Packing/Unpacking. Persistence on the system.

4. Process injection. DLL, PE

Once the malware’s executable payload is on the system, what mechanisms does it use to take over the system via significant processes?

5. Process injection. Pt 2

Analysis of advanced process injection mechanisms used by malware payloads, such as Windows API hooking.

6. Anti-analysis mechanisms in Malware

How can malware protect itself from analysis?

7. Anti-analysis mechanisms in Malware. Pt 2. Persistence

How can malware protect itself from being removed and ensure persistence on the target system?

Malware internals.

Worms, spyware.