Advanced Malware Analysis: Redux
3h 41m, Advanced, 2023-09-21
Authors

Cybrary
Course details
Do you have knowledge of malware analysis core concepts, but want to transition from malware analyst to reverse engineer? Brian Rogalski, CEO of Hexcapes, equips you to handle complex tasks such as extracting, debugging, disassembling, unpacking, and hunting malware as he reacquaints you with key analysis topics and exercises. Get ready for the rest of the course with a review of Windows OS, PE files and memory, WinAPI and Registry, and common malware behaviors. Go over x86 and x64 architecture, and then dive into dynamic and static malware analysis. Explore malware challenges, including malware packers, obfuscation, identifying encryption, anti-analysis, and memory analysis. This course helps you gain the hands-on experience you need to level up.
Skills covered
Redux, Meta, Web Development Tools, Incident Response, Advanced, Software Development Tools, Cybersecurity, Web Development, Software Development
Concepts
1. RE Preparation
- 01 - Module 1 objectives
- 02 - Reverse engineering process review
- 03 - Malware analysis tools
- 04 - Malware handling
- 05 - Malware components part 1 - Windows OS
- 06 - Malware components part 2 - PE files and memory
- 07 - Malware components part 3 - WinAPI and Registry
- 08 - Malware components part 4 - Malware behaviors
- 09 - Module 1 summary
2. x86 and x64 Architecture
- 10 - Module 2 objectives
- 11 - Numbering systems
- 12 - Computer architecture part 1 - x86 x64
- 13 - Computer architecture part 2 - Assembly Language
- 14 - Computer architecture part 3 - Control flow and stack
- 15 - Module 2 summary
3. Dynamic and Static Malware Analysis
- 16 - Module 3 objectives
- 17 - Dynamic analysis process part 1
- 18 - Dynamic analysis process part 2
- 19 - Dynamic analysis process part 3 - Advanced analysis
- 20 - Static analysis part 1
- 21 - Static analysis part 2
- 22 - Module 3 summary
4. Malware Challenges
- 23 - Module 4 objectives
- 24 - Malware packers part 1
- 25 - Malware packers part 2
- 26 - Obfuscation part 1
- 27 - Obfuscation part 2 - XOR
- 28 - Obfuscation part 3 - base64
- 29 - Identifying encryption
- 30 - Anti-analysis part 1
- 31 - Anti-analysis part 2
- 32 - Module 4 summary
5. Memory Analysis
- 33 - Module 5 objectives
- 34 - Forensics process
- 35 - Memory analysis part 1
- 36 - Memory analysis part 2
- 37 - Module 5 summary
- 38 - Course summary