Behavioral Malware Analysis Training


Behavioral Malware Analysis Training Course Description

Learn how to perform dynamic malware analysis with this Behavioral Malware Analysis Training

This Behavioral Malware Analysis Training course teaches the fundamentals needed to analyze malicious software from a behavioral perspective. Using system monitoring tools, you will learn how to observe malware in a controlled environment and quickly characterize its malicious effects on the system.

From simple keyloggers to large botnets, this Behavioral Malware Analysis Training class covers a wide variety of threats in current use on the Internet, with actual samples analyzed in the training environment. Because the majority of the class is hands-on, each student is issued a laptop with an isolated analysis environment in which to learn the skills and methodologies required to be an effective malware analyst.

Duration: 5 days

Behavioral Malware Analysis Training - Customize It!

• We can adapt this Behavioral Malware Analysis Training course to your group’s background and work requirements at little to no added cost.
• If you are familiar with some aspects of this Behavioral Malware Analysis Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the Behavioral Malware Analysis Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Behavioral Malware Analysis Training course in a manner understandable to lay audiences.

Behavioral Malware Analysis Training - Audience / Target Group

• Threat operation analysts seeking to have a better understanding of malware
• Incident responders who need to quickly address a system security breach
• Forensic investigators who need to identify malicious software
• Individuals who have experimented with malware analysis and want to expand their analysis techniques and methodologies as applied to system security, computer forensics, and incident response

Behavioral Malware Analysis Training - Prerequisites

• A thorough understanding of the Microsoft Windows operating system is required. Understanding Operating Systems (OS100) or Windows Internals (OS110) provide an excellent foundation for this course. Knowledge of networking protocols and packet analysis is an advantage but not required.

Behavioral Malware Analysis Training - Objectives:

After completing this Behavioral Malware Analysis Training course, attendees will be able to:

• Identify malware and discover its capabilities
• Set up an isolated lab environment in which to analyze malicious software safely
• Use open source tools to characterize malware samples quickly
• Recognize the obfuscation methods attackers use to evade detection

Behavioral Malware Analysis Training - Course Syllabus:

DAY 1:

Malware Analysis
Static Analysis
Dynamic/Behavioral Analysis
Malware Overview
Definition of Malware
Malware Intentions and Motivations
Malware Types
Malicious Mobile Code
User-Mode Rootkit
Kernel-Mode Rootkit
Combination Malware
Malware threats research websites
Technologies to fight Malware and their limitations
Intrusion Detection Systems
Intrusion Prevention Systems
Anti-Virus Software
Windows Internals for Behavioral Analysts
Windows API
Common Libraries
Building An Analysis Environment
Behavioral Analysis Process (BA)
Understanding The Process
Knowing Your Goals
BA Tools of the Trade
VMware Workstation
Sysinternals Suite
ApateDNS & Fakenet
PEiD & PackerBreaker
Process Hacker

DAY 2:

Why Baseline a System
The Windows Registry
Baselining Tools
Document-Embedded Malware
How To Embed a Document
Hijack Scenario
Macro Viruses
Melissa Virus Case Study
Adware, Spyware, and Ransomware
Botnet Malware
Definition of a Bot
Botnet Communication Architecture
Setting Up and Using IRC For Command and Control
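The baselining topic above (snapshot a clean system, detonate the sample, compare) is the core of the behavioral method. The following PowerShell script is an added illustration and is not course material or a tool from the outline: it snapshots a small, assumed subset of autostart (ASEP) registry locations before and after a sample runs and reports added, modified and removed values. The key list, the output path and the function names are the example's own choices; a real baseline would cover far more locations (the Sysinternals Autoruns set is a good reference).

```powershell
# Added example (not part of the course): registry baseline and diff for a malware lab VM.
# Assumed, non-exhaustive set of autostart (ASEP) locations to watch.
$AsepKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon',
    'HKLM:\SYSTEM\CurrentControlSet\Services'
)

function Get-AsepSnapshot {
    # Returns a hashtable mapping "<full key name>\<value name>" to the value data (as a string)
    # for every value directly under each listed key and under its immediate subkeys
    # (the subkey pass is what catches a newly created service under ...\Services).
    $snap = @{}
    foreach ($key in $AsepKeys) {
        if (-not (Test-Path $key)) { continue }
        $items = @(Get-Item $key) + @(Get-ChildItem $key -ErrorAction SilentlyContinue)
        foreach ($item in $items) {
            foreach ($name in $item.GetValueNames()) {
                $snap["$($item.Name)\$name"] = [string]$item.GetValue($name)
            }
        }
    }
    return $snap
}

function Compare-AsepSnapshot {
    # Diffs two snapshots and returns one object per added, modified or removed value.
    param([hashtable]$Before, [hashtable]$After)
    $changes = @()
    foreach ($k in $After.Keys) {
        if (-not $Before.ContainsKey($k)) {
            $changes += [pscustomobject]@{ Change = 'Added'; Path = $k; Data = $After[$k] }
        } elseif ($Before[$k] -ne $After[$k]) {
            $changes += [pscustomobject]@{ Change = 'Modified'; Path = $k; Data = "$($Before[$k]) -> $($After[$k])" }
        }
    }
    foreach ($k in $Before.Keys) {
        if (-not $After.ContainsKey($k)) {
            $changes += [pscustomobject]@{ Change = 'Removed'; Path = $k; Data = $Before[$k] }
        }
    }
    return $changes
}

# Take the baseline on the clean VM snapshot and keep a copy on disk (assumed path),
# so the diff can be re-run against the same baseline after reverting the VM.
$baselinePath = 'C:\baseline\asep-before.xml'
New-Item -ItemType Directory -Force -Path (Split-Path $baselinePath) | Out-Null
$before = Get-AsepSnapshot
$before | Export-Clixml $baselinePath

# Detonate the sample, let it run long enough to install persistence, then snapshot again.
Read-Host 'Run the sample now, then press Enter to take the post-execution snapshot' | Out-Null
$after = Get-AsepSnapshot

Compare-AsepSnapshot -Before $before -After $after | Sort-Object Change, Path | Format-Table -AutoSize
```

Run this inside the isolated analysis VM, never on the host, and take the "before" snapshot from the same VM state you revert to between samples; otherwise ordinary Windows housekeeping (RunOnce cleanup, service state changes) shows up as noise and hides the sample's own persistence entries.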

DAY 3:

Keylogger types
Hardware vs Software
Remote Access Keyloggers
Malicious Mobile Code (Interactive Web Apps)
Definition of Malicious Mobile Code
Attack Vectors
Reducing Risk of MMC Attacks
Common Backdoor Types
Propagation Methods
Persistence Methods
Finding Backdoors
Trojan Horses
Definition of a Trojan Horse
Backdoor vs Trojan Horse
Trojan Horse Infection Methods
Advanced Persistent Threat (APT)
Definition of APT
User-Mode Rootkits
Definition of a Rootkit
Benefit of Rootkits for Attackers
Kernel- vs User-Mode Rootkits
Detection Methods

DAY 4:

Drop and Execute Malware
Dropper vs Injector
VMware Detection
Why Malware does VMware detection
Honeynets and Honeypots
Methods of VM Detection
Destructive Malware
CHM Malware
Normal CHM File Usage
Advantages and Disadvantages of CHM Files
PDF Malware
Kernel-Mode Rootkits

DAY 5:

Student Practical
