This workshop provides the fundamentals of reverse engineering (RE) Windows malware through hands-on experience with RE tools and techniques. You will be introduced to RE terms and processes, then create a basic x86 assembly program and review RE tools and malware techniques. The course concludes with participants performing hands-on malware analysis consisting of triage, static, and dynamic analysis.
Overview
Syllabus
Introduction
What is a Reverse Engineer
Environment Setup
Anatomy of a Windows PE C program
x86 Assembly Language
Typical Attack Flow
Reverse Engineering (RE) Tools
Lab 1: Intro
Lab 1: Triage Analysis
Lab 2: Stage1 Static Analysis
Lab 2: Stage2 Static Analysis
Lab 3: Dynamic Analysis