This workshop presents some key tools and techniques used by malware analysts to examine malicious code. Students will learn two key techniques – Behavioural Analysis and Code Analysis.
Behavioural Analysis focuses on the malware's interactions with its environment, such as the registry, the network, and the file system. Based on these interactions, students will better understand how malware operates and what the likely damage and impact to the victim are. Using virtualisation software, students will learn how malicious code interacts with its environment.
Code Analysis focuses on the malware's code itself and makes use of disassemblers and/or debuggers to understand its content. This method includes static and dynamic components. It is a low-level, deep-dive method through which malware analysts gain an in-depth understanding of the malicious code and its construction. With the help of available tools, analysts can analyse the content dynamically and easily.
In this elementary hands-on workshop, students will examine two malware samples using key tools and techniques.
|Reverse Engineering Malware Workshop
Day III & IV: June 24 – 25, 2015
Venue: LEET lab, Building 1, Level 6
||Arrival and registration
||Introduction to Reverse-engineering Malware
Behavioural Analysis demonstration and hands-on (malware srvcp.exe)
||Behavioural Analysis demonstration and hands-on (malware srvcp.exe)
Code Analysis demonstration and hands-on (malware srvcp.exe)
||Code Analysis demonstration and hands-on (malware srvcp.exe and brbbot.exe)
||Code Analysis demonstration and hands-on (malware brbbot.exe)