This course focuses on the technique and tool for analyzing various types of malwares which are generally used in cyber-attack. In-depth analysis of malwares using both static and dynamic analysis will be introduced and explained step-by-step throughout in this training. This course is suitable for a security analyst who works at Tier 3 of Security Operation Center.
- Assembling a toolkit for effective malware analysis, Examining static properties of suspicious programs
- Recognizing common malware characteristics at the Windows API level (registry manipulation, keylogging, HTTP communications, droppers)
- In-Depth Analysis of Executable Files, Malicious Document Files, ZIP and Rar files, Network Traffic Captured Packets, and many more sample malicious files.
- Static and Dynamic Methods for Malware Analysis Using Memory Forensics and Malware Code and Behavioral Analysis Fundamentals.
- Reversing Malicious Code, analyzing techniques that malware use to protect malicious software from being examined.
- Demonstration and Hand-on Exercises.
A system administrator, a security analyst, and a forensic investigator with some background in conducting forensic analysis, network traffic analysis, log analysis, and security assessments. It is also well suited for those managing CIRT / incident response teams, or those in roles that require oversight of forensic analysis and other investigative tasks.
- Basic of SOC Tier 1: Processes and Tools
- General knowledge of computer and operating system.
- Some experience in computer programming languages.
- Background in Computer Network and Tools such as Wireshark.
- Some basic of Linux command.
- Be familiar with Virtual Machine (VMware or Virtual Box)