Hiding malware within documents has become one the main methods attackers use to compromise systems. In this course, Performing Malware Analysis on Malicious Documents, you will learn how to look at documents to determine if they contain malware, and if so, what that malware does. First, you will explore how to analyze malicious Adobe PDF and Microsoft Office documents. Next, you will discover how attackers obfuscate scripts within malicious documents, and how you can defeat that obfuscation to determine the script's purpose. Finally, you will dive into the tools required to perform this analysis safely and quickly. When you're finished with this course, you will have the skills and knowledge needed to perform malware analysis on malicious documents.
Learning Objectives
- Performing Document Analysis
- Analyzing PDF Documents
- Performing JavaScript Analysis
- Analyzing Office Documents
- Performing VBA Script Analysis
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Digital Forensics
- Incident Response
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.