Catalogue · MOD-DEF-11

Malware Analysis

Understanding malware means knowing what it does, how it hides and how to detect it. This expert module trains you in malware analysis, static and dynamic.

Defence (Blue) Expert 7 bricks 10 labs ≈ 21 h 5 real cases

Objectives

• Characterise a sample without running it • Observe behaviour in an isolated sandbox • Deobfuscate and extract the configuration • Produce a report and YARA rules

Module bricks

BRQ-DEF-056 — Malware triage & static analysis (PEStudio) (1 lab(s))
BRQ-DEF-057 — Dynamic analysis (sandbox) (1 lab(s))
BRQ-DEF-058 — Malware deobfuscation & unpacking (x64dbg) (1 lab(s))
BRQ-DEF-059 — Maldocs & scripts (oletools) (2 lab(s))
BRQ-DEF-060 — Assembly analysis & config extraction (IDA) (2 lab(s))
BRQ-DEF-061 — Infected memory & YARA (2 lab(s))
BRQ-DEF-062 — Malware analysis report & IOCs (ATT&CK Navigator) (1 lab(s))

Order this module View full catalogue