NCL 08: Malware Analysis: Basic Toolkit and Skillset

Malware analysis is a skill that is helpful in incident response and forensic investigation. It reveals how a piece of malicious code behaves and what impact it has on a system. This webinar will lay the basic foundation of this domain, and it will equip you with a set of tools that you will need to analyze malware statically and dynamically. If you have been interested in practical malware analysis but never knew where to start, this webinar is ideal for you!

First, you will learn how to set up an isolated sandbox in the form of a Virtual Machine. This will be your lab for malware analysis. The lab will have a virtual network, using Fakenet, to simulate Internet connectivity. After that, two main types of analysis will be discussed:

- Static Analysis: how to analyze the malware without executing it. Various tools enable you to study things like embedded strings (including encoded ones), API calls, file headers, and others. Some of the tools that will be discussed are CFF Explorer, PE Studio, and TrID.
- Dynamic Analysis: how to analyze the malware while executing it. We will examine ways to discover changes made by the malware after running it. Changes can be file modifications, registry modifications, network traffic, etc.

The webinar will be accompanied by different hands-on exercises and demos. We will apply the skills to various pieces of malware for practical demonstration.

At the end, you will be given tips and hints on how to progress further in this field, should you wish to do so. The field of malware analysis is big, and after the foundation you can progress into ransomware analysis, reverse engineering, and other advanced topics.

Axon Technologies, your cybersecurity partner!

We are here to protect you!
