Malware Analysis Fundamentals

Programme Code D139
Learning Partner(s)
Mandiant Academy
4 Days
Format Online
SOC Engineering Cyber Threat Hunting Cybersecurity Operations
Job Roles
ICT&SS Professional Security Testing Engineer Data Security Officer Cybersecurity Engineer


Explore malware analysis on Windows systems with practical, hands-on training. This programme provides a beginner-level introduction to the tools and methodologies used to perform malware analysis on executables found in Windows systems using a practical, hands-on approach. The programme introduces learners to decompilation with Ghidra and introduces Windows Technologies that are prevalent in malware such as WMI, .NET, and PowerShell. The content is taught by FLARE malware analysts who are experienced in analysing a diverse set of malware.

Key Takeaways

At the end of this programme, you will be able to:
  • Quickly perform malware triage using a variety of techniques and tools without running the malware
  • Analyse running malware by observing file system changes, function calls, network communications and other indicators
  • Learn about code compilation and how to interpret decompiled Windows code
  • Analyse basic .NET and PowerShell malware and interpret WMI commands
  • Use Ghidra, the open-source disassembler/decompiler

Who Should Attend

  • Please refer to the job roles section.
  • Targeted at Information technology professionals, information security professionals, corporate investigators and professionals who need to understand how malware functions operate and the processes involved in malware analysis.


  • General knowledge of computer and operating system fundamentals.
  • Exposure to computer programming fundamentals and Windows Internals experience (recommended).

What To Bring

Students are required to bring their own laptop that meets the following specs:
  • VMware Workstation 10+ or VMware Fusion 7+.
  • 30 GB of free HDD space.

Programme Structure

This programme will cover the following topics:
  • Malware Autopsy
  • Running Malware
  • x86 Assembly Language
  • IDA Pro and Disassembly Analysis

    Full Fee

    Full programme fee


    8% GST on nett programme fee


    Total nett programme fee payable, including GSTS$2329.33 
    With effect from 1 Jan 2024


    Step 1 Apply through your organisation's training request system

    Step 2 Your organisation's training request system (or relevant HR staff) confirms your organisation's approval for you to take the programme.

    Your organisation will send registration information to the academy.

    Organisation HR L&D or equivalent staff can click here for details of the registration submission process.

    Step 3 GovTech Digital Academy will inform you whether you have been successful in enrolment.