CYBER

Malware Analysis Fundamentals

Programme Code: D139
Domain: Cybersecurity
Level: Intermediate
Learning Partner(s): Mandiant Academy
Duration: 4 Days
Format: Online
Competencies: SOC Engineering, Malware Analysis, Cyber Threat Hunting, Cybersecurity Operations
Job Roles: ICT&SS Professional, Security Testing Engineer, Data Security Officer, Cybersecurity Engineer, Chief Information Security Officer

Overview

This programme provides a beginner-level introduction to the tools and methodologies used to perform malware analysis on executables found on Windows systems, using a practical, hands-on approach. It introduces learners to decompilation with Ghidra and to Windows technologies that are prevalent in malware, such as WMI, .NET, and PowerShell. The content is taught by FLARE malware analysts who are experienced in analysing a diverse set of malware.

Key Takeaways

At the end of this programme, the participants will be able to:
  • Quickly perform malware triage using a variety of techniques and tools without running the malware
  • Analyse running malware by observing file system changes, function calls, network communications and other indicators
  • Learn about code compilation and how to interpret decompiled Windows code
  • Analyse basic .NET and PowerShell malware and interpret WMI commands
  • Use Ghidra, the open-source disassembler/decompiler

Who Should Attend

This programme is targeted at information technology professionals, information security professionals, corporate investigators and professionals who need to understand how malware functions and the processes involved in malware analysis.

Prerequisites

General knowledge of computer and operating system fundamentals. Exposure to computer programming fundamentals and Windows Internals experience (recommended).

This programme is delivered via virtual instructor-led format and will cover the following topics:

  • Malware Autopsy
  • Running Malware
  • x86 Assembly Language
  • IDA Pro and Disassembly Analysis

     

NOTE

Students are required to bring their own laptop that meets the following specs:

  • VMware Workstation 10+ or VMware Fusion 7+
  • 30 GB of free HDD space
 

Full Fee

Full course fee: S$2137
8% GST on nett course fee: S$170.96
Total nett course fee payable, including GST: S$2307.96
With effect from 1 Jan 2023 till 31 Dec 2023



Agency-sponsored

Step 1 Apply through your organisation's training request system

Step 2 Your organisation's training request system (or relevant HR staff) confirms your organisation's approval for you to take the course.

Your organisation will send registration information to the academy.

Organisation HR L&D or equivalent staff can click here for details of the registration submission process.


Step 3 GovTech Digital Academy will inform you whether you have been successful in enrolment.