Malware Analysis

Coming Soon

It is important to inspect the capabilities of malicious software, also called malware, in order to understand its effects and take the necessary steps to prevent them. However, an Information Technology (IT) team cannot simply test such effects on a real system, since doing so could result in a disaster for the entire system.

How the malware works, what it really does, and what effects it has are the main concerns of the IT team. Hence, a controlled environment is necessary for examining a particular piece of malware. The following steps elaborate on a free toolkit that is necessary for any IT security team. It makes teams capable of facing any security incident on a Windows operating system, which is commonly prone to malware exploitation.

There are some utilities, all free, that one can use to monitor the behavior of the infected system. Which one to use depends on the type of monitoring desired. One of the following tools must be installed on the test machine before infecting it with the malware.

The previous tools can analyze behavior, but they do not address the problem at its root. Analyzing the malicious code itself can lead to more interesting results. Although it is difficult to access the source code of a malicious executable, there are some tools that can assist in this process.

Scylla and OllyDumpEx: These tools are helpful when dealing with packed executables that cannot be disassembled. The instructions of such executables are often encoded and encrypted, and are only extracted into RAM at run time. A dump file is created that contains the protected code.

How to Build a free Malware Analysis Toolkit?

 

Fill out this form to sign up for the class.

$200.00

 

 

Unlimited classes:

If you know that you are interested in this class as well as other InfoSec classes then you should consider the unlimited classes package for $49.99 per month. You can find out more about it by clicking on the link below:

https://infosecaddicts.com/unlimited-classes/

 

NOTE: Due to Joe McCray’s travel and work schedule (e.g., short-notice consulting/training engagements or changes to those), classes may be rescheduled or canceled. In these situations a refund will be granted as the class will usually re-run the following week, or additional days will be added to the class schedule to make up for this.

This post was written by Joseph McCray

5 thoughts on “Malware Analysis”

  1. The PowerShell course shows 3 hour classes from Sep 4-7th, and then on Saturday for 45 minutes. Is the malware class set up the same? Will they overlap? What will be studied on the Saturday in the 45 minute block?

      1. Thanks! If they are set up the same, is the malware course at the same time (7pm-10pm Sep 4-7) as the PowerShell course? I was planning to sign up for both…but it wouldn’t make sense to sign up for both if they are held at the same time? Thanks!
