Behavioral Malware Analysis Training

Commitment: 5 Days, 7-8 hours a day.
Language: English
User Ratings: Average User Rating 4.8
Delivery Options: Instructor-Led Onsite, Online, and Classroom Live


Learn how to perform dynamic malware analysis with this Behavioral Malware Analysis Training

This Behavioral Malware Analysis Training course teaches you all the fundamental requirements necessary to analyze malicious software from a behavioral perspective. Using system monitoring tools, you will learn how to observe malware in a controlled environment to quickly analyze its malicious effects on the system.

From simple keyloggers to massive botnets, this Behavioral Malware Analysis Training class covers a wide variety of current threats used on the Internet today, with actual samples being analyzed in the training environment. Because the majority of the Behavioral Malware Analysis class is hands-on, each student will be issued a laptop with a secure environment to learn the skills and essential methodologies required to be an effective malware analyst.

  • 5 days of Behavioral Malware Analysis Training with an expert instructor
  • Behavioral Malware Analysis Electronic Course Guide
  • Certificate of Completion
  • 100% Satisfaction Guarantee



Upon completing this Behavioral Malware Analysis Training course, learners will be able to meet these objectives:

  • Set up a secure lab environment in which to analyze malicious software
  • Build and maintain a toolset of freely available, trusted tools
  • Classify different types of malware and describe their capabilities
  • Analyze malware samples of varying types to ascertain their specific behavioral characteristics and their impact on a system
  • Determine if a given sample is persistent and, if so, identify and remediate the persistence mechanism(s)
  • Identify when a sample is aware of its virtual environment and will require more advanced static or dynamic analysis
  • Document analytic findings using a comprehensive reporting template
  • We can adapt this Behavioral Malware Analysis course to your group’s background and work requirements at little to no added cost.
  • If you are familiar with some aspects of this Behavioral Malware Analysis course, we can omit or shorten their discussion.
  • We can adjust the emphasis placed on the various topics or build the Behavioral Malware Analysis Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
  • If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Behavioral Malware Analysis course in a manner understandable to lay audiences.

The target audience for this Behavioral Malware Analysis Training course:

  • Threat operation analysts seeking a better understanding of malware
  • Incident responders who need to quickly address a system security breach
  • Forensic investigators who need to identify malicious software
  • Individuals who have experimented with malware analysis and want to expand their malware analysis techniques and methodologies

The knowledge and skills that a learner must have before attending this Behavioral Malware Analysis Training course are:

  • Thorough understanding of Microsoft Windows
  • Experience with VMware software, although not required, would be beneficial
  • Knowledge of networking protocols and Wireshark filtering is recommended but not required


DAY 1:
  • Malware Analysis
  • Static Analysis
  • Dynamic/Behavioral Analysis
  • Malware Overview
  • Definition of Malware
  • Malware Intentions and Motivations
  • Malware Types
  • Virus
  • Worm
  • Backdoor
  • Trojan
  • Malicious Mobile Code
  • User-Mode Rootkit
  • Kernel-Mode Rootkit
  • Combination Malware
  • Vulnerabilities
  • Malware threats research websites
  • Technologies to fight Malware and their limitations
  • Intrusion Detection Systems
  • Intrusion Prevention Systems
  • Anti-Virus Software
  • Windows Internals for Behavioral Analysts
  • Windows API
  • Common Libraries
  • Building An Analysis Environment
  • Behavioral Analysis Process (BA)
  • Understanding The Process
  • Knowing Your Goals
  • BA Tools of the Trade
  • VMware Workstation
  • Sysinternals Suite
  • Regshot
  • ApateDNS & Fakenet
  • Wireshark
  • PEID & PackerBreaker
  • Process Hacker
DAY 2:
  • Baselining
  • Why Baseline a System
  • The Windows Registry
  • Baselining Tools
  • Document-Embedded Malware
  • How To Embed a Document
  • Hijack Scenario
  • Macro Viruses
  • Melissa Virus Case Study
  • Adware, Spyware, and Ransomware
  • Botnet Malware
  • Definition of a Bot
  • Botnet Communication Architecture
  • Setting Up and Using IRC For Command and Control
DAY 3:
  • KeyLoggers
  • Purposes
  • Keylogger types
  • Hardware vs Software
  • Remote Access Keyloggers
  • Sniffers
  • Malicious Mobile Code (Interactive Web Apps)
  • Definition of Malicious Mobile Code
  • Attack Vectors
  • Reducing the Risk of MMC Attacks
  • Backdoors
  • Common Backdoor Types
  • Propagation Methods
  • Persistence Methods
  • Finding Backdoors
  • Trojan Horses
  • Definition of a Trojan Horse
  • Backdoor vs Trojan Horse
  • Trojan Horse Infection Methods
  • Advanced Persistent Threat (APT)
  • Definition of APT
  • User-Mode Rootkits
  • Definition of a Rootkit
  • The benefit of Rootkits for Attackers
  • Kernel- vs User-Mode Rootkits
  • Detection Methods
DAY 4:
  • Drop and Execute Malware
  • Dropper vs Injector
  • VMware Detection
  • Why Malware does VMware detection
  • Honeynets and Honeypots
  • Methods of VM Detection
  • Destructive Malware
  • CHM Malware
  • Normal CHM File Usage
  • Advantages and Disadvantages of CHM Files
  • PDF Malware
  • Kernel-Mode Rootkits
DAY 5:

Using the tools, skills, and methodologies taught in Days 1 through 4 of the class, students will derive the answers to questions regarding one final real-world malware specimen. Each student will have to reverse engineer the malware to discover its capabilities and persistence level as well as the threat level of the malware.

Behavioral Malware Analysis Training Course Recap, Q/A, and Evaluations

