This malware analysis training is dedicated to people who are starting to work on malware analysis or who want to know what kinds of artefacts caused by malware can be detected via various tools. Participants will learn different malware analysis techniques that even those with no security experience will be able to use to perform malware triage. The training covers strategies and techniques for analysing even the most sophisticated malicious programs. It also shows when to use particular techniques and why. Basics of malware collection and detecting are presented with memory forensic techniques and tools. Executable code analysis is introduced with various tools and techniques. Interesting topics such as honeypots, memory analysis, PDFs, and Office documents analyses for suspicious content, basics of reverse engineering common encoding and encryption algorithms are covered too. Each day contains practical work which follows theory explained to students on that day. In this way, participants can apply right away gained knowledge on real case situations.
Students should have very good knowledge of computer architecture, be very familiar with Microsoft Windows environment and understand simple programming codes written in C programming language.