This course serves as an intermediate course on malware analysis. It is the second part in a
three-course series. This course, Tier 2, focuses on intermediate analysis of a file that has
been deemed suspicious with the intent of determining what the file does and how it does it.
- Demonstrate knowledge of software reverse engineering techniques
- Demonstrate knowledge of reverse engineering concepts.
- Demonstrate knowledge of debugging procedures and tools.
- Demonstrate knowledge of malware analysis tools (e.g., Olly Debug, IDA Pro).
- Demonstrate knowledge of binary analysis.
- Demonstrate skill in deep analysis of captured malicious code (e.g., malware forensics).
- Demonstrate skill in analyzing anomalous code as malicious or benign.
- Demonstrate skill in interpreting results of debugger to ascertain tactics, techniques, and procedures.
- Demonstrate skill in performing packet-level analysis using appropriate tools (e.g.,Wireshark, tcpdump).
- Demonstrate skill in reverse engineering (e.g., hex editing, binary packaging utilities, debugging, and strings analysis) to identify function and ownership of remote tools.