
Malware Analysis Training

Learn how to recognize malware and analyze it!

#APT Attack

#Malware Analysis

#Windows PE

#Memory Forensic

#Yara

What is Malware Analysis Training?

Many people are exposed to malware these days. Some of it arrives as email attachments, and some is injected into software installers. Imagine that malware is installed on your work computer. Not only confidential information but also the credentials of your coworkers and clients can be passed on to a hacker. In this course, you will learn the characteristics of various kinds of malware and a professional analysis methodology. You will also learn about APT attacks, their trends, and different tools for analyzing them.

Who should take this course?

Incident Response Manager and Analyst

Security Monitoring Manager

Malware Analyst

Other Malware-Related Officials

Why Malware Analysis Training?

Understanding different kinds of APT attacks and the latest trends

Static and dynamic analysis

Non-PE & PE analysis

Memory analysis using the latest tools

Extracting indicators for Yara

Curriculum

Day 1

[APT attack and case studies]

1. What is an APT Attack?
– Overview of APT attacks and recent trends

2. Different Kinds of APT Attacks and Related Malware
– Government-sponsored hacker groups
– Characteristics of malware by hacker group

3. APT Hacking Case Study
– Spear phishing attack
– Supply chain attack


[Settings for Malware Analysis]

1. Scenarios for Analyzing Malware

– Malware analysis and measures to take

2. Analysis Process and methodology

3. Settings for Malware Analysis

4. Tools for Static and Dynamic Analysis
– Process of Static and Dynamic Analysis
– Hands-on Exercises

5. Open Sandbox
– Analyzing the source code within malware
– Analysis using Sandbox

Day 2

[Analyzing Non-PE (Portable Executable) type]

1. Analyzing Spear Phishing emails
– Spear Phishing Case Study (i.e. Links and Attachments)

2. Analyzing infected document attachments
– Malware targeting files in Macro Script, MS Word, and HWP formats
– Analyzing obfuscated scripts and shellcode
– Hands-on


[Analyzing PE (Portable Executable) type]

1. Structure of Windows and PE format
– Analyzing Windows OS structure
– Structure and different types of PE files

2. Process Injection
– Malicious methods and types of process injection
– Hands-on exercises

3. Executable File Compression
– Malicious methods and types of Executable File Compression
– Hands-on exercises

4. Anti-Analysis
– How attackers interrupt the analyst’s work

Day 3

[Memory Forensics using Volatility]

1. Windows Memory
– Memory dumping process

2. Extracting Memory from Windows
– Extraction Process and tools

3. Analyzing Memory
– Analysis process of the extracted memory

4. Memory Analysis Scenarios
– Case study on memory analysis
– Hands-on


[Yara rule and Threat Hunting]

1. Yara Rule
– Overview
– Basic Rules

2. Case Study and Hands-on


Tools

  • The most recent static analysis tools

  • The most recent dynamic analysis tools

  • Debugging tools and disassembly tools

* Tools used may differ depending on circumstances.

Prerequisites

Computer Science and Software Engineering

Cyber Security Related Knowledge

Knowledge of Windows and Linux system architecture (memory, file system, registry, etc.)

Basic knowledge of Assembly and C programming, and related experience

Knowledge of debuggers and disassemblers such as IDA Pro and OllyDbg, and related experience

Instructors

YoungJun Chang | Chief Researcher

Main Training Area

Security Threat Trend

CTI Intro. & Process

MITRE ATT&CK

SangYoon Yoo | Senior Researcher

Main Training Area

Malware Analysis Environment & Tools

TaeHyung Kim | Senior Researcher

Main Training Area

Malware Analysis Methodology

HanGuk Jo | Researcher

Main Training Area

Windows Memory Forensics

YARA

Notice

NSHC provides the following items for your convenience.

1) Laptop
We provide a laptop with the software that you will need for hands-on training.

2) Textbook
All the learning materials will be provided in the form of a textbook.

3) Training fee
Lunches and snacks are included in your training fee.
Transportation, accommodation, and dinner are excluded.

4) Certificate of Completion
We give a certificate of completion to those who finish the training.

Location

78, Namdaemun-ro, Jung-gu, Seoul 

Registration and Payment

There are two ways to pay the training fee: PayPal or bank transfer.

You may select your preferred payment method when submitting the registration form.
We will assist you after your registration form is received.

If you have any questions regarding the payment, please contact us at training@nshc.net.

Refund Policy

You may receive a full refund without penalty if you cancel a week prior to the training. Otherwise, you will be charged a 10% cancellation fee.

  • Cancellation made until [8 days] before the training: fully refundable

  • Cancellation made within [7 days ~ the day of training]: 10% cancellation fee is charged.

  • Refund policy may be changed without notice.

$3,300(USD)

VAT incl.
  • Date
    Jun 8 ~ Jun 10
  • Time
    09:30 ~ 18:00
  • Location
    Myeongdong, Seoul
  • Deadline
    May 31, 2022
  • Capacity
    15