National CAE Designated Institution
  • Online, Instructor-Led
  • Classroom
Course Description

This course serves as an intermediate course on malware analysis. It is the second part in a
three-course series. This course, Tier 2, focuses on intermediate analysis of a file that has
been deemed suspicious with the intent of determining what the file does and how it does it.

Learning Objectives

  • Demonstrate knowledge of software reverse engineering techniques.
  • Demonstrate knowledge of reverse engineering concepts.
  • Demonstrate knowledge of debugging procedures and tools.
  • Demonstrate knowledge of malware analysis tools (e.g., Olly Debug, IDA Pro).
  • Demonstrate knowledge of binary analysis.
  • Demonstrate skill in deep analysis of captured malicious code (e.g., malware forensics).
  • Demonstrate skill in analyzing anomalous code as malicious or benign.
  • Demonstrate skill in interpreting the results of a debugger to ascertain tactics, techniques, and procedures.
  • Demonstrate skill in performing packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
  • Demonstrate skill in reverse engineering (e.g., hex editing, binary packaging utilities, debugging, and strings analysis) to identify function and ownership of remote tools.

Framework Connections