I finished this recently and wanted to write a little bit about it because it was quite fantastic.
What you’ll learn
- You will understand the steps and processes involved in static and dynamic Malware Analysis
- You will be able to perform basic dynamic Malware Analysis
- You will understand the various types of malware found in the wild
- You should have a general knowledge of computers and operating system fundamentals
- You should have a basic exposure to software development process
- It is helpful if you have some experience with programming in C, Java, Python, or another modern language, but it is not required
Nearly every incident response that occurs in the cyber security field comes back to the initial intrusion vector: Malware. In this course, you will learn about the various types and categories of malware, their symptoms, and how they work. As an incident responder, it is imperative that you understand the symptoms of malware, but more importantly that you are able to understand WHAT that malware is doing, and quickly.
In this course, you will learn how to perform the basics of dynamic malware analysis, a tried and true method of understanding what an unknown binary (malware) is doing on an infected system. You will build your own malware analysis virtual lab to create a safe analysis environment using FlareVM, and then we will perform the analysis on a real-world piece of malware to fully understand the concepts covered in this course.
So, if you have ever wondered how to better understand malware, this is the course for you!
Who this course is for:
- Anyone who wants to gain an understanding of how malware functions
- Anyone who wants to learn the steps and processes involved in Malware Analysis
It is not the longest video course you will take, at around 90 minutes (ish) long through all sections, and if, like me, you are working along with it, it was still only around 5 to 5 hours.
It’s honestly great when you take a course on a whim and it turns out to be like this, where you take so much from it. Here is a list of the curriculum.
And I have to admit I thought it was going to be a sort of “What is Malware/History of Malware” sort of course, but I was so wrong. We do learn that, of course, but it’s all kinds of practical as well.
Jason Dion, the instructor, is excellent and really knowledgeable, and walks you through everything from setting up your environment in VirtualBox with Windows 10 and FlareVM, which I was new to.
We go through both static and dynamic analysis of our trickster Malware using tools like FLOSS and Autoruns. What is great is that we get talked through taking a snapshot in Autoruns before, and then we can run the Malware before comparing them to see what is happening. This is just one of the analyses we run.
Then it’s time to go on to investigate more using tools like IDA and OllyDbg.
This is to examine the step-by-step process the Malware is taking, looking at what it is trying to do, like contacting IPs, which IPs, and what it is doing, like creating a handshake so it can communicate back and forth. The whole course was just so fascinating and an amazingly good intro into Malware investigation. I am proper glad I took this course and definitely recommend it.