This self-paced online course covers the analysis of malicious files.
Topics include file pre-analysis, file identification via antivirus
scanning tools, dynamic and static malware analysis techniques, and
packing and obfuscation techniques that are intended to make analysis
more difficult. Examples discussed include Windows PE files and PDF documents.

After completing this course, learners should be able to:
- Summarize the requirements for a malware analysis lab
- Identify methods of analyzing malicious files
- Understand how to pre-analyze files
- Describe the use of
  - scanning tools to identify known malware samples
  - dynamic and static analysis techniques that malware analysts use to document malware capabilities
- Describe packing and obfuscation techniques used to disguise malware
- Windows PE files and PDF documents for evidence of malware

Who Should Attend
Any FireEye customer.

Familiarity with x86 assembly language (32-bit) and a higher-level
compiled programming language such as C or C++ and its calling
conventions. Experience with basic use of a debugger on object code,
and basic Windows operation and system administration. Some experience
with a disassembler and writing Windows programs may be helpful.

This course includes animation with audio narration and requires
Adobe Flash Player and speakers or headphones.

- Introduction to the Lab Analysis Environment
- Dynamic Analysis
- Document Analysis