Watch Live!

AppSec USA Training

Malware Analysis Crash Course

September 16-17th
US $1,600

Presented by Mandiant, a FireEye Company

About the course

Almost every computer incident involves a trojan, backdoor, virus, or rootkit. Incident responders must be able to perform rapid analysis on the malware encountered in an effort to cure current infections and prevent future ones. This course provides a rapid introduction to the tools and methodologies used to perform malware analysis on executables found on Windows systems using a practical, hands-on approach. Students will learn how to find the functionality of a program by analyzing disassembly and by watching how it modifies a system and its resources as it runs in a debugger. They will learn how to extract host and network-based indicators from a malicious program. They will be taught about dynamic analysis and the Windows APIs most often used by malware authors. Each section is filled with in-class demonstrations and hands-on labs with real malware where the students practice what they have learned. Students will receive a FREE copy of the book, “Practical Malware Analysis” written by Mike Sikorski.

What You Will Learn:

  • Hands-on malware dissection
  • How to create a safe malware analysis environment
  • How to quickly extract network and host-based indicators
  • How to perform dynamic analysis using system monitoring utilities to capture the file system, registry and network activity generated by malware
  • How to debug malware and modify control flow and logic of software
  • To analyze assembly code after a crash course in the Intel x86 assembly language
  • Windows internals and APIs
  • How to use key analysis tools like IDA Pro and OllyDbg
  • What to look for when analyzing a piece of malware
  • The art of malware analysis; not just running tools

Who Should Take This Course

Software developers, information security professionals, incident responders, computer security researchers, puzzle lovers, corporate investigators or others requiring an understanding of how malware works and the steps and processes involved in performing malware analysis.

Student Requirements

  • Excellent knowledge of computer and operating system fundamentals
  • Computer programming fundamentals and Windows Internals experience is highly recommended

What Students Should Bring

  • Excellent knowledge of computer and operating system fundamentals
  • Computer programming fundamentals and Windows Internals experience is highly recommended

What Students Will Be Provided With

  • A signed copy of “Practical Malware Analysis” from No Starch Press
  • A Student Manual
  • Class handouts
  • MANDIANT gear
Students must bring their own laptop with VMware Workstation, Server or Fusion installed (VMware Player is acceptable, but not recommended). Laptops should have at least 20GB of free space.
A licensed copy of IDA Pro is highly recommended to participate in ALL labs, but the free version can be used in most cases.

About the trainers

Carrie Jung is a Senior Consultant in Mandiant’s Albuquerque, NM office. She specializes in reverse engineering and malware analysis research. Ms. Jung previously worked at Sandia National Laboratories where she worked in application, network and low-level systems based security and reverse engineering. Carrie teaches Malware Analysis to a variety of audiences including Black Hat.

 

Richard Wartell is a Consultant in Mandiant’s San Francisco, California, office. He specializes in reverse engineering, binary rewriting, and binary transparency. Dr. Wartell has developed both offensive and defensive software for his Phd. and for Mandiant. He has also spoken at THOTcon, REcon, and a variety of other security conferences.

Enroll in this training course

Training requires a separate registration from the AppSec USA conference. Registration for both conference and training offerings may be found here.

AppSec USA

AppSec USA is a world-class software security conference for developers, auditors, risk managers, technologists, and entrepreneurs gathering with the world’s top practitioners to share the latest research and practices, in the high energy atmosphere of Downtown Denver.