• Online, Instructor-Led
Course Description

This course provides a rapid introduction to the tools and methodologies used to perform malware analysis on executables found in Windows systems using a practical, hands-on approach. The course explains how to find the functionality of a program by analyzing disassembly and seeing how it modifies a system and its resources as it runs in a debugger.

Learning Objectives

After completing this course, learners should be able to: • Quickly perform a malware autopsy • Understand basic yet effective methods for analyzing running malware in a safe environment, such as virtual machines • Understand the basics of the x86 assembly language • Use IDA Pro, the main tool for disassembly analysis • Understand a wide range of Windows-specific concepts that are relevant to analyzing Windows malware • Monitor and change malware behavior, as it runs, at a low level

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.