This course provides a beginner-level introduction to the tools and methodologies used to perform malware analysis on executables found in Windows systems using a practical, virtual hands-on approach. The course introduces students to Disassembly, including subtopics on x86 Architecture, The Stack, C Code Constructs, and an introduction to IDA Pro. The content is developed and taught by FLARE malware analysts who are experienced in analyzing a diverse set of malware.
Syllabus
- Introduction to Malware Analysis
- Basic Static Analysis
- Basic Dynamic Analysis
- Microsoft .NET Framework
- Windows Management Instrumentation – Malware Triage PowerShell
- Introduction to Ghidra
- Application Programmer Interface (API) Analysis
- File Analysis
- Registry Analysis
- Network Analysis