Perched | Security Education, Consulting, and Support

Static Malware Analysis with OMEGA316

Overview

This customized, interactive two-day course is designed to help attendees learn and apply the fundamental principles of malware analysis.

Using the Socratic method, the instructor gives students an applied understanding of how to analyze malicious files, a skill that is crucial for detecting and defending a network against today's evolving and sophisticated malware.

Additionally, the course will equip attendees with the Tactics, Techniques, and Procedures (TTPs) needed to identify and extract indicators from suspicious files.

Students will work through practical hands-on labs with simulated and real-world malware. They will also be introduced to power sessions, a key learning accelerator for gaining applied knowledge.

Audience

Those interested in introductory malware analysis techniques.

Duration

2 Days | 8 hours per day

Prerequisites

There are no prerequisites for this course.

Requirements

  • Mac, Linux, or Windows

  • Virtualization platform (VMware, VirtualBox, etc.)


Day 1

Applied Kill Chain Analysis

This section of the course provides practical hands-on skills for understanding the techniques threat actors use to create malicious payloads. Students are first presented with fundamental concepts that illustrate the attacker's mindset through the Kill Chain framework. They are then introduced to Kali Linux, one of the most popular penetration testing distributions, and its practical exploitation tooling.

Syllabus

  • Baseline skills assessment

  • Introduction to Kali Linux

  • Overview of lab topology

  • Hands-on Lab: Compromising systems using malicious payloads

  • Hands-on Lab: Payload injections

  • Hands-on Lab: Power session


Day 2

Static Malware Analysis

The central focus of this section is analyzing different types of malicious payloads. Students will learn the process of analyzing malicious Portable Executable (PE) files. They will also apply static analysis techniques to document files such as Microsoft Office documents and Adobe PDFs.

Syllabus

  • Principles of malware analysis

  • Types of malware

  • Evasion techniques

  • Document analysis

  • Static analysis of PE files

  • Hands-on Lab: Static malware analysis
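As an added example, not part of the course materials, the following stand-alone Python script walks through the first static PE triage steps this section describes: it parses the DOS, PE, COFF and section headers with struct, scores each section's Shannon entropy as a packing indicator, flags an entry point that lands in a writable and executable section, and extracts printable strings as candidate indicators. The two-section PE32 image it analyzes is constructed in build_sample_pe() and is not real malware; the UPX1 section name, the beacon URL and the 7.0 bits-per-byte threshold are illustrative assumptions. The entropy result is the usual first sign that a sample needs the unpacking covered under dynamic analysis below.

```python
"""Static PE triage: parse the headers, score each section's entropy as a
packing indicator, and pull printable strings as candidate IOCs.
Added example using only the Python standard library; the sample image
is constructed below and is not real malware."""
import math
import random
import re
import struct
from collections import Counter

IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000
MACHINES = {0x14C: "x86", 0x8664: "x64", 0xAA64: "arm64"}


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: plain code sits around 5-6, compressed or encrypted data near 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def parse_pe(image: bytes) -> dict:
    """Walk DOS header -> PE signature -> COFF header -> optional header -> section table."""
    if image[:2] != b"MZ":
        raise ValueError("no MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", image, coff)
    opt = coff + 20
    # AddressOfEntryPoint is at offset 16 of the optional header for both PE32 and PE32+.
    (entry_rva,) = struct.unpack_from("<I", image, opt + 16)
    sections = []
    for i in range(nsec):
        off = opt + opt_size + 40 * i  # each IMAGE_SECTION_HEADER is 40 bytes
        name, vsize, vaddr, rawsize, rawptr, _, _, _, _, flags = struct.unpack_from("<8sIIIIIIHHI", image, off)
        raw = image[rawptr:rawptr + rawsize]
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"), "vsize": vsize, "vaddr": vaddr,
                         "rawsize": rawsize, "flags": flags, "entropy": shannon_entropy(raw)})
    return {"machine": machine, "entry_rva": entry_rva, "sections": sections}


def extract_strings(image: bytes, min_len: int = 6) -> list:
    """ASCII and UTF-16LE runs; random data yields some noise, which is normal for strings output."""
    ascii_runs = [m.decode() for m in re.findall(rb"[\x20-\x7e]{%d,}" % min_len, image)]
    wide_runs = [m.decode("utf-16-le") for m in re.findall(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len, image)]
    return ascii_runs + wide_runs


def triage(image: bytes) -> dict:
    """Apply the packing heuristics an analyst checks first on a suspicious PE."""
    pe = parse_pe(image)
    findings, entry_section = [], None
    for s in pe["sections"]:
        if s["vaddr"] <= pe["entry_rva"] < s["vaddr"] + max(s["vsize"], s["rawsize"]):
            entry_section = s
        if s["entropy"] > 7.0:  # assumed threshold; tune per corpus
            findings.append(f"high entropy in {s['name']} ({s['entropy']:.2f} bits/byte)")
        if s["name"].upper().startswith("UPX"):
            findings.append(f"packer-style section name {s['name']}")
        if s["rawsize"] == 0 and s["vsize"] > 0:
            findings.append(f"{s['name']} has no raw data but {s['vsize']:#x} virtual bytes (filled at runtime)")
    if entry_section is None:
        findings.append("entry point lies outside every section")
    elif entry_section["flags"] & IMAGE_SCN_MEM_WRITE and entry_section["flags"] & IMAGE_SCN_MEM_EXECUTE:
        findings.append(f"entry point in writable+executable section {entry_section['name']}")
    return {"machine": MACHINES.get(pe["machine"], hex(pe["machine"])), "entry_rva": pe["entry_rva"],
            "entry_section": entry_section["name"] if entry_section else None,
            "sections": pe["sections"], "findings": findings, "strings": extract_strings(image)}


def build_sample_pe() -> bytes:
    """Constructed two-section PE32 image: a plain .text section and a UPX1-named
    section of pseudo-random bytes with the entry point inside it (not real malware)."""
    rng = random.Random(316)  # deterministic filler so results are reproducible
    text = (b"Hello from the .text section\0http://example.invalid/beacon\0" + b"\x90" * 64).ljust(0x200, b"\0")
    packed = bytes(rng.getrandbits(8) for _ in range(0x800))
    dos = (b"MZ" + b"\0" * 58 + struct.pack("<I", 0x80)).ljust(0x80, b"\0")  # e_lfanew = 0x80
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0xE0, 0x102)           # i386, 2 sections
    opt = struct.pack("<HBBIIII", 0x10B, 14, 0, len(text), len(packed), 0, 0x2000).ljust(0xE0, b"\0")

    def section(name, vsize, vaddr, rawsize, rawptr, flags):
        return struct.pack("<8sIIIIIIHHI", name, vsize, vaddr, rawsize, rawptr, 0, 0, 0, 0, flags)

    table = (section(b".text", len(text), 0x1000, len(text), 0x400, 0x60000020)    # CODE|EXEC|READ
             + section(b"UPX1", len(packed), 0x2000, len(packed), 0x600, 0xE0000040))  # DATA|EXEC|READ|WRITE
    return (dos + b"PE\0\0" + coff + opt + table).ljust(0x400, b"\0") + text + packed


if __name__ == "__main__":
    report = triage(build_sample_pe())
    print("machine:", report["machine"], "entry:", hex(report["entry_rva"]), "in", report["entry_section"])
    for s in report["sections"]:
        print(f"  {s['name']:<8} rva={s['vaddr']:#07x} raw={s['rawsize']:#06x} entropy={s['entropy']:.2f}")
    for f in report["findings"]:
        print("  !", f)
    print("strings of interest:", [t for t in report["strings"] if "://" in t])
```

Run it against a real sample by replacing build_sample_pe() with open(path, "rb").read(); the heuristics are deliberately simple, so treat a high-entropy section as a prompt to unpack and re-analyze rather than as a verdict.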

Dynamic Malware Analysis

Attendees will examine debugging malware and the process of interactive dynamic analysis, including techniques for unpacking packed malware.

Syllabus

  • Debugging malware for analysis

  • Analyzing packed malware

  • Hands-on Lab: Dynamic analysis

  • Hands-on Lab: Power session