filmov
tv
Dynamic Malware Analysis D1P01 Introduction
Показать описание
Follow us on Twitter for class news @OpenSecTraining.
This introductory malware dynamic analysis class by Veronica Kovah is dedicated to people who are starting to work on malware analysis or who want to know what kinds of artifacts left by malware can be detected via various tools. The class will be a hands-on class where students can use various tools to look for how malware is: Persisting, Communicating, and Hiding
We will achieve the items above by first learning the individual techniques sandboxes utilize. We will show how to capture and record registry, file, network, mutex, API, installation, hooking and other activity undertaken by the malware. We will create fake network responses to deceive malware so that it shows more behavior. We will also talk about how using MITRE's Malware Attribute Enumeration & Characterization (MAEC - pronounced "Mike") standard can help normalize the data obtained manually or from sandboxes, and improve junior malware analysts' reports. The class will additionally discuss how to take malware attributes and turn them into useful detection signatures such as Snort network IDS rules, or YARA signatures.
Dynamic analysis should always be an analyst's first approach to discovering malware functionality. But this class will show the instances where dynamic analysis cannot achieve complete analysis, due to malware tricks for instance. So in this class you will learn when you will need to use static analysis, as offered in follow the follow on Introduction to Reverse Engineering and Reverse Engineering Malware classes.
During the course students will complete many hands on exercises.
Course Objectives:
* Understand how to set up a protected dynamic malware analysis environment
* Get hands on experience with various malware behavior monitoring tools
* Learn the set of malware artifacts an analyst should gather from an analysis
* Learn how to trick malware into exhibiting behaviors that only occur under special conditions
* Create actionable detection signatures from malware indicators
This class is recommended for a later class on malware static analysis. This is so that students understand both techniques, and utilize the technique which gives the quickest answer to a given question.
This introductory malware dynamic analysis class by Veronica Kovah is dedicated to people who are starting to work on malware analysis or who want to know what kinds of artifacts left by malware can be detected via various tools. The class will be a hands-on class where students can use various tools to look for how malware is: Persisting, Communicating, and Hiding
We will achieve the items above by first learning the individual techniques sandboxes utilize. We will show how to capture and record registry, file, network, mutex, API, installation, hooking and other activity undertaken by the malware. We will create fake network responses to deceive malware so that it shows more behavior. We will also talk about how using MITRE's Malware Attribute Enumeration & Characterization (MAEC - pronounced "Mike") standard can help normalize the data obtained manually or from sandboxes, and improve junior malware analysts' reports. The class will additionally discuss how to take malware attributes and turn them into useful detection signatures such as Snort network IDS rules, or YARA signatures.
Dynamic analysis should always be an analyst's first approach to discovering malware functionality. But this class will show the instances where dynamic analysis cannot achieve complete analysis, due to malware tricks for instance. So in this class you will learn when you will need to use static analysis, as offered in follow the follow on Introduction to Reverse Engineering and Reverse Engineering Malware classes.
During the course students will complete many hands on exercises.
Course Objectives:
* Understand how to set up a protected dynamic malware analysis environment
* Get hands on experience with various malware behavior monitoring tools
* Learn the set of malware artifacts an analyst should gather from an analysis
* Learn how to trick malware into exhibiting behaviors that only occur under special conditions
* Create actionable detection signatures from malware indicators
This class is recommended for a later class on malware static analysis. This is so that students understand both techniques, and utilize the technique which gives the quickest answer to a given question.
0:08:09
Dynamic Malware Analysis D1P01 Introduction
0:24:43
Introduction To Dynamic Malware Analysis
0:30:12
Dynamic Malware Analysis
0:03:16
Dynamic Malware Analysis D2P01 Day 1 Review
0:06:30
Dynamic Analysis - Malware Analysis Basics
0:16:35
TekTip ep1 - Basic Dynamic Malware Analysis
0:45:33
Lab09: Malware Analysis PartII: Basic Dynamic Analysis
0:25:46
Dynamic Malware Analysis with Process Monitor | TryHackMe
0:18:24
Malware Analysis: Dynamic analysis Live Demo
0:11:07
Dynamic Malware Analysis with Regshot | TryHackMe
0:05:29
Demonstration Basic Dynamic Analysis with Malware Sample
0:06:50
Dynamic Malware Analysis D1P11 Malware Terminology
0:11:17
Basic Dynamic Malware Analysis
0:12:58
Malware Analysis - Chapter 03 - Basic Dynamic Analysis
1:16:48
Lab11 Malware Analysis Part IV: Advanced Dynamic Analysis
0:02:29
Dynamic Malware Analysis D2P05 Maneuvering Overview
0:14:08
Mastering Dynamic Malware Analysis as a Beginner : Let's Defend Example 1 Walkthrough
0:33:36
Basic Dynamic Malware Analysis
0:19:03
Dynamic Malware Analysis with Process Explorer | TryHackMe
0:17:36
Malware Analysis- Introduction to Static and Dynamic Analysis
0:09:06
Dynamic Malware Analysis D1P14 Persistence Overview
0:22:42
Malware Analysis : Basic Dynamic Analysis
0:04:24
SOC Experts - Anand Guru - Malware Analysis - 17 Automated dynamic malware analysis
0:09:16
14 05 Malware Analysis Dynamic
Комментарии