This workshop presents some key tools and techniques used by malware analysts to examine malicious code. Students will learn two key techniques – Behavioural Analysis and Code Analysis.
Behavioural Analysis focuses on the malware’s interactions with its environment, such as the registry, the network, and the file system. Based on these interactions, students will better understand how malware operates and what the likely damages and impacts are to the victim. Using virtualisation software, students will learn how malicious code interacts with its environment.
Code Analysis focuses on the malware itself (the code) and makes use of disassemblers and/or debuggers to understand its content. This method includes static and dynamic components. It is a low-level, deep-dive method through which malware analysts gain an in-depth understanding of the malicious code and its construction. With the help of available tools, analysts can analyse the content dynamically and easily.
In this elementary hands-on workshop, students will examine two malware samples using key tools and techniques.
Programme
8:30am | Arrival and registration |
9:00am | Introduction to Reverse-engineering Malware; Behavioural Analysis demonstration and hands-on (malware srvcp.exe) |
10:15am | Coffee/Tea break |
10:30am | Behavioural Analysis demonstration and hands-on (malware srvcp.exe); Code Analysis demonstration and hands-on (malware srvcp.exe) |
12:15pm | Lunch |
1:30pm | Code Analysis demonstration and hands-on (malware srvcp.exe and brbbot.exe) |
2:45pm | Coffee/Tea break |
3:00pm | Code Analysis demonstration and hands-on (malware brbbot.exe) |
5:00pm | Adjourn |
Registration
Registration is now closed.