Malware analysis and memory forensics are powerful investigative techniques used in reverse engineering, digital forensics, and incident response. This training introduces malware analysis, reverse engineering, Windows internals, and the techniques used to investigate malware and rootkits in real-world memory samples with the open source advanced memory forensics framework Volatility. The training covers the analysis and investigation of various real-world malware samples and infected memory images (crimeware, APT malware, rootkits, etc.) and includes hands-on labs to build a better understanding of the subject.
Course Duration: 18 Hours
- How malware and Windows internals work
- How to create a safe and isolated lab environment for malware analysis
- The techniques and tools used to perform malware analysis
- How to perform static analysis to determine the metadata associated with malware
- How to perform dynamic analysis of the malware to determine its interaction with the process, file system, registry and network
- How to perform code analysis to determine the malware functionality
- How to debug malware using tools such as IDA Pro, OllyDbg, Immunity Debugger and x64dbg
- How to analyze downloaders, droppers, keyloggers, fileless malware, HTTP backdoors, etc.
- What memory forensics is and how it is used in malware and digital investigations
- Ability to acquire a memory image from suspect/infected systems
- How to use the open source advanced memory forensics framework (Volatility)
- Understanding the techniques malware uses to hide from live forensic tools
- Understanding the techniques used by rootkits (code injection, hooking, etc.)
- Investigative steps for detecting stealth and advanced malware
- How memory forensics helps in malware analysis and reverse engineering
- How to incorporate malware analysis and memory forensics in a sandbox
- How to determine network- and host-based indicators of compromise (IOCs)
- Techniques to hunt malware
Let’s get in touch
Interested in eCyLabs training but don’t know where to start? Just tell us a little bit about yourself, and we’ll make sure the right eCyLabs reaches out.