• Online, Instructor-Led
Course Description

This course provides a rapid introduction to the file formats, tools, and methodologies used to perform malware analysis on malicious documents using a practical hands-on approach. Students will learn to pinpoint and analyze the most suspicious document components and how to extract host and network based indicators from them. This course includes demonstrations and hands-on labs that contain real malware.

Learning Objectives

After completing this course, learners should be able to: • Dissect and analyze malicious document formats • Extract network and host-based indicators • Extract noteworthy components that require further isolated analysis • Detect suspicious patterns and common exploitation techniques • Utilize modern analysis tools including Offvis and 010 editor • Create and automate custom tools for your specific organization

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.