Course Description

The course covers several modules to help you start your journey in analyzing malware. Each module focuses on different skills building up your analysis arsenal, with skills related to PE analysis, assembly and reverse engineering, debugging, deobfuscation, and reporting.

Pricing options

Please make sure you select the enrollment schedule that works best for you. If none of these work and you are still interested in our training, please contact us.


After completing this course, students will be able to demonstrate how to analyze malware, extract IOCs, and write a report about their analysis.

1. Introduction to Malware Analysis

2. Working with a Sandbox and Different Analysis Tools

3. PE File Analysis

4. Assembly x86/x64 Crash Course

5. Reverse Engineer and Debugging Malware

6. Analyzing Different Injection Techniques

7. Malware Persistence Mechanisms

8. Obfuscation and Anti-Analysis Techniques

9. Analyzing Malware Armed with Shellcode

10. Analyzing Managed Code (readable/uncompiled)

11. Extracting IOCs and writing YARA Rules

12. Writing Reports


Ali Hadi is a Senior Cybersecurity Specialist with 15+ years of industrial experience in Information Technology (IT), currently working as a full-time professor and researcher for both the Computer and Digital Forensics and Cybersecurity Departments at Champlain College, USA. Ali is also a Co-Founder and the Chief Technology Officer at Cyber 5W. Ali provides consulting in several areas of security including digital forensics and incident response, cyber threat hunting, and penetration testing. Ali is also an author, speaker, and freelance instructor where he delivered technical training to law enforcement agencies, banks, telecoms, private companies, and other institutes. Ali's research interests include digital forensics, incident response, adversary emulation, and offensive security. More details could be found here.

Course Material

  • Slide Notes & Lab Documents

    Training material including the course slides, lab documents, and references for further reading.

  • Malware Samples

    A copy of all the malware samples used during the training. Many of the samples have been custom built for the training.

  • Certificates

    At the end of the course, you will receive a Certificate of Completion that proves you have attended the course.

    However, to obtain our C5W Certified Malware Analyst certification you will be required to take an exam.

Learning Objectives

After completing this course, the student will be able to perform the following:

  • Ability to Analyze Malware using Different Tools and Sandboxes

  • Learn assembly x86/x64

  • Learn how to reverse engineer and debug malware

  • Ability to analyze malware with different injection techniques

  • Learn about malware persistence, obfuscation, and anti-analysis techniques

  • Learn how to locate and analyze malware using shellcode

  • Ability to analyze malware written using managed languages, such as: .NET, HTA, VBScript, Python, and JavaScript

  • Ability to extract IOCs from malware samples and turn them into YARA rules

  • Learn how to write malware analysis reports


Basic knowledge of operating systems, programming, and knowing assembly would be a plus.

The Value of the Training

After completing this course, students will be able to demonstrate how to analyze malware, extract IOCs, and write a report about their analysis.

Who is this Training For?

Anyone who is willing to start a career in this field and needs the skills to do malware analysis, and also those who are curious about learning how to analyze malware.

System Requirements:

what you need to for the course

1. Computer or laptop with a Linux/Windows/Mac Operating System.

2. Capability of running virtualization software (VMWare or VirtualBox) and the attendee is comfortable of running malware on it.

3. More than 50 GB of disk space for the VMs used.

Cancellation Policy:

Info you need to know to get a refund

Full refunds will be provided up to 14 days before the course start date. You are allowed to change the course schedule up to 10 days before the course starts.