MALWARE ANALYSIS FOR BEGINNERS
Date: October 19, 2017
Duration: 8 hours including lunch break and two 15-minute coffee breaks
Target Audience: administrators of Linux and Windows servers, incident responders and analysts from CSIRT/CERT teams, software developers and cybersecurity enthusiasts with technical skills
Trainer: LADISLAV BACO
System Engineer at CSIRT.SK | Slovakia
Malware and forensics analyst, computer security enthusiast, software developer. 10 years of experience with education, lectures, and trainings, mostly for students of high schools and universities and employees in the public sector. 4 years of experience with cyber security, incident response, malware analysis and forensics.
During this entry-level, hands-on malware analysis training, participants will learn about common malware analysis approaches (basic static analysis, behavioral analysis, dynamic analysis/debugging and reverse engineering).
We will introduce the advantages and disadvantages of these methods, and participants can try these approaches during hands-on labs. We have prepared many crackme challenges and "potentially malicious" samples for familiarization with various tools. Most of the tools used during this training are either open source or freeware programs running under Linux or Windows. Most of these programs are good enough even for advanced malware analysis; however, we sometimes mention the commercial alternatives.
After this training, participants should be able to set up their own lab environment for malware analysis at minimal cost. They should also be able to think like a malware analyst, understand the essential principles behind malware analysis and perform basic analysis of given samples using free tools.
All participants will receive a USB flash disk with an image of an analytical Linux machine with various tools and samples. They will also receive a copy of the presentation, hints and/or solutions for the provided samples, and a cheatsheet with a description of the common tools used during the training.
- At least minimal knowledge of programming (e.g. be able to read source code in Java or Python)
- Hands-on experience with the Linux operating system (be able to use the command-line interface)
- Laptop with 8 GB of RAM, 20 GB of free space on HDD/SSD and VirtualBox installed (64-bit edition)