This course provides a rapid introduction to the file formats, tools, and methodologies used to perform malware analysis on malicious documents using a practical hands-on approach. Students will learn to pinpoint and analyze the most suspicious document components and how to extract host and network based indicators from them. This course includes demonstrations and hands-on labs that contain real malware.
Learning Objectives
After completing this course, learners should be able to: • Dissect and analyze malicious document formats • Extract network and host-based indicators • Extract noteworthy components that require further isolated analysis • Detect suspicious patterns and common exploitation techniques • Utilize modern analysis tools including Offvis and 010 editor • Create and automate custom tools for your specific organization