Bootcamp Format

The bootcamp consists of 16 hours delivered over 4 sessions (4 hours per session). This schedule is designed to give students ample time to absorb the content and complete the hands-on labs at a comfortable pace.

  • 4 Live Sessions

  • 4 Hours Per Session

  • 45+ Hands-On Lab Exercises

  • 20 Credit Hours of Virtual Lab Access

  • 1 CCMA Certification Exam Attempt

  • Access to Session Recordings

Upcoming Live Bootcamps

🎉 This is our new training format, running over 4 sessions and offering live, instructor-led sessions combined with hands-on labs, allowing you to learn real-world digital forensics at your own pace and on your own schedule.

  • Groups for group discounts, registration, or other schedules, please contact us at [email protected].

    • C5W MALWARE ANALYST - JANUARY BOOTCAMP

      New Year Session

    • New Year Bootcamp

    • January 4th, 2026
    • January 11th, 2026
    • January 18th, 2026
    • January 25th, 2026

      • $650.00

      Buy Now

    • C5W MALWARE ANALYST - FEBRUARY BOOTCAMP

      February Session

    • February Bootcamp

    • February 7th, 2026
    • February 14th, 2026
    • February 21th, 2026
    • February 28th, 2026

      • $650.00

      Buy Now

    • C5W MALWARE ANALYST BOOTCAMP

      Custom Schedule

      Looking for a custom bootcamp schedule for your team?

      • March 2026
      • April 2026
      • May 2026
      • June 2026

      Please reach out to us at [email protected] and we would be happy to arrange a time that works best for your team.

      $650.00

      Contact Us

    Why CCMA?

    The Certified Cyber 5W Malware Analyst (CCMA) is a scenario-driven certification built around real-world malware investigations. Instead of memorizing commands or theoretical concepts, you’ll learn how to break down malicious code, analyze malware behavior, trace infection paths, and uncover threat actor techniques using industry-standard tools and methodologies. The CCMA prepares you to think like a malware analyst — focused, analytical, and ready to tackle modern threats with confidence.

    Bootcamp Syllabus

    The bootcamp is split into four modules across four sessions. For a detailed syllabus of what CCMA includes, please check the CCMA course webpage.

    Introduction to Malware Analysis

    • Malware Types, Distribution Methods, and Common Threat Vectors
    • Role of Malware Analysis in Cybersecurity Operations
    • Fundamentals of Malware Identification
    • Overview of Analysis Techniques: Static vs. Dynamic
    • Preparing a Safe Analysis Environment

    Static Malware Analysis 101

    • Binary Structure Fundamentals
    • Identifying Malware Signatures and Embedded Artifacts
    • Working with Basic Static Tools (Strings, PEview, Detect It Easy, etc.)
    • Extracting Metadata and Code Characteristics
    • Hands-on Static Analysis Exercises

    Dynamic Malware Analysis 101

    • Setting Up Isolated, Controlled Execution Environments
    • Monitoring Malware Behavior in Real-Time
    • System Interaction Analysis (Processes, Files, Registry)
    • Network Traffic Monitoring and Behavioral Indicators
    • Capturing and Interpreting Execution Artifacts

    Static Malware Analysis 102 – IDA Pro

    • IDA Pro Interface and Workflow
    • Disassembly Navigation and Code Exploration
    • Function Analysis and Cross-Reference Mapping
    • Understanding Flow Charts and Decompiled Code
    • Identifying Malware Capabilities via Disassembly

    Static Malware Analysis 102 – Ghidra

    • Ghidra Project Setup and Navigation
    • Disassembly & Decompiled View Analysis
    • Reverse Engineering Techniques Using Ghidra
    • Analyzing Code Structures and Control Flows
    • Comparing Ghidra vs. IDA Pro Approaches

    Dynamic Malware Analysis 102

    • Advanced Debugging Concepts
    • Walking Through Code Using Debuggers
    • Identifying Runtime Behavior and Logic Flow
    • Malware Evasion and Anti-Debugging Techniques
    • Unpacking Obfuscated or Packed Malware

    Analyzing Managed Code (Readable / Uncompiled)

    • Understanding .NET, Java, and Python Malware Structures
    • Using Decompilers for High-Level Code Analysis
    • Identifying Behavioral Intent in Readable Source
    • Reverse Engineering and Artifacts Extraction
    • Working with Managed Execution Environments

    Extracting IOCs and Writing YARA Rules

    • IOC Fundamentals and Threat Detection Use Cases
    • Extracting Indicators from Static and Dynamic Analysis
    • Understanding YARA Structure and Rule Components
    • Writing Effective and Accurate YARA Rules
    • Testing and Validating YARA Rules Against Samples

    More Than 10 Extra Hands-on Labs

    • Real-World Malware Samples and Case Scenarios
    • Process Injection Techniques (e.g., DLL Injection, Process Hollowing)
    • Analyzing Network-Based Malware Behavior
    • Reverse Engineering Obfuscated Code
    • Hybrid Static + Dynamic Analysis Workflows
    Note: Additional topics may be included depending on class progression and time allocation.

    Learning Objectives

    After completing this course, you are expected to:

    • Define and recognize various types of malware

    • Analyze and interpret the behavior of malware specimens in controlled environments

    • Identify common evasion techniques employed by malware

    • Identify key indicators of compromise through static analysis

    • Gain proficiency in executing malware in a controlled environment for behavioral analysis

    • Apply theoretical knowledge through hands-on exercises using real-world malware samples

    • Learn to create and utilize signatures for the detection of known malware patterns

    • Develop strategies for proactive malware detection

    • Learn mitigation strategies to contain and eradicate malware infections

    • Develop practical skills in using malware analysis tools and platforms

    What You’ll Get

    Include a list of items to support the central theme of your page. Bulleted lists are a great way to parse information into digestible pieces.

    • Access to a private student lab environment

    • Live instruction from active malware analysts and reverse-engineering practitioners

    • Scenario-based malware investigations.

    • A CCMA exam attempt

    • Support from instructors during and after the course

    Prerequisites

    This course assumes no previous knowledge in malware analysis. However, basic knowledge in computer science, operating systems, programming, assembly, or any related field is highly desirable.

    Important: Learners must have experience installing software and running virtual machines within a hypervisor. Please ensure you are comfortable setting up and managing virtual machines independently.

    The Value of the Training

    Unlock the skills needed to identify, investigate, and understand digital incidents in a hands-on, guided environment. This training bridges the gap between theory and practice by walking you through real-world case scenarios, forensic imaging, artifact analysis, timeline reconstruction, and report writing.

    Whether you're pursuing a career in digital forensics, incident response, or security operations, this course provides the core foundation and investigative techniques required to uncover evidence, trace attacker activity, and respond effectively in today's evolving threat landscape.

    Who is this Certificate For?

    Anyone who is willing to start a career in this field and needs the skills to do malware analysis, and also those who are curious about learning how to analyze malware.

    System Requirements:

    what you need to for the course

    To ensure an optimal learning experience, you will have access to our hosted virtual lab environment with 24 credit hours of lab access. Learners can purchase more credit hours if they need. This eliminates the need to configure local virtual machines and allows you to seamlessly follow along with all hands-on exercises in a secure, controlled environment.

    Refund Policy:

    Refund requests for In-person and Online Virtual Training are accepted before the refund deadline and as long as the online course has not been accessed. To initiate a refund, please submit your request to [email protected]. The registration fee will be refunded, minus a $50 refund processing fee, to the original payment method. Please be advised that CYBER 5W OnDemand Courses are non-refundable and non-transferable once payment has been completed and course material has been accessed.