Course Description

The course covers several modules to help you start your journey in analyzing malware. Each module focuses on different skills building up your analysis arsenal, with skills related to PE analysis, assembly and reverse engineering, debugging, deobfuscation, and reporting.

Pricing options

Please make sure you select the enrollment schedule that works best for you. If none of these work and you are still interested in our training, please contact us.

Syllabus

After completing this course, students will be able to demonstrate how to analyze malware, extract IOCs, and write a report about their analysis.

1. Introduction to Malware Analysis

2. Working with a Sandbox and Different Analysis Tools

3. PE File Analysis

4. Assembly x86/x64 Crash Course

5. Reverse Engineer and Debugging Malware

6. Analyzing Different Injection Techniques

7. Malware Persistence Mechanisms

8. Obfuscation and Anti-Analysis Techniques

9. Analyzing Malware Armed with Shellcode

10. Analyzing Managed Code (readable/uncompiled)

11. Extracting IOCs and writing YARA Rules

12. Writing Reports

Instructor

Ali Hadi is a highly accomplished and experienced Senior Cybersecurity Specialist with 14+ years of professional experience in Information Technology. He is currently working as a full-time professor and researcher at the Computer and Digital Forensics and Cybersecurity Departments of Champlain College, USA. Ali is a Co-Founder and the Chief Technology Officer of Cyber 5W. He holds a PhD and MSc degree in Computer Information Systems, as well as a BSc degree in Computer Science. Throughout his professional career, Ali has earned more than 20 professional certifications. Ali is a sought-after consultant in the field of cybersecurity, offering expertise in areas such as digital forensics, incident response, adversary simulation, offensive security, and malware analysis. He is also an established author, speaker, and freelance instructor, having provided technical training to government and private firms as well as other organizations. Ali continues to be an influential figure in the digital forensics community and is dedicated to promoting forensics education and research. More details could be found here or contact him directly through twitter here.

Course Material

  • Slide Notes & Lab Documents

    Training material including the course slides, lab documents, and references for further reading.

  • Malware Samples

    A copy of all the malware samples used during the training. Many of the samples have been custom built for the training.

  • Certificates

    At the end of the course, you will receive a Certificate of Completion that proves you have attended the course.

    However, to obtain our C5W Certified Malware Analyst certification you will be required to take an exam.

Learning Objectives

After completing this course, the student will be able to perform the following:

  • Ability to Analyze Malware using Different Tools and Sandboxes

  • Learn assembly x86/x64

  • Learn how to reverse engineer and debug malware

  • Ability to analyze malware with different injection techniques

  • Learn about malware persistence, obfuscation, and anti-analysis techniques

  • Learn how to locate and analyze malware using shellcode

  • Ability to analyze malware written using managed languages, such as: .NET, HTA, VBScript, Python, and JavaScript

  • Ability to extract IOCs from malware samples and turn them into YARA rules

  • Learn how to write malware analysis reports

Prerequisites

Basic knowledge of operating systems, programming, and knowing assembly would be a plus.

The Value of the Training

After completing this course, students will be able to demonstrate how to analyze malware, extract IOCs, and write a report about their analysis.

Who is this Training For?

Anyone who is willing to start a career in this field and needs the skills to do malware analysis, and also those who are curious about learning how to analyze malware.

System Requirements:

what you need to for the course

1. Computer or laptop with a Linux/Windows/Mac Operating System.

2. Capability of running virtualization software (VMWare or VirtualBox) and the attendee is comfortable of running malware on it.

3. More than 50 GB of disk space for the VMs used.

Cancellation Policy:

Info you need to know to get a refund

Full refunds will be provided up to 14 days before the course start date. You are allowed to change the course schedule up to 10 days before the course starts.