CFI2201 — Malware Analysis Fundamentals & Malicious Code Analysis
Hours/Week: Lecture 2 Lab 2

Course Description: This course presents the key tools and techniques malware analysts use to examine malicious programs by exploring Windows malware in two phases. Behavioral analysis focuses on the program’s interactions with its environment, such as the registry, the network, and the file system. Code analysis focuses on the specimen’s code and makes use of disassembler and debugger tools such as IDA Pro and OllyDbg. This course covers how to patch malicious executables to change their functionality during the analysis without recompiling them and redirect network traffic in the lab to better interact with malware.

MnTC Goals: None

Assembling the toolkit for malware forensics
Performing behavioral analysis of malicious Windows executables
Performing static and dynamic code analysis of malicious Windows executables
Additional learning resources for reverse-engineering malware
Reinforcing the dynamic analysis concepts learned in 610.1
Patching compiled malicious Windows executables
Analyzing packed malicious executable files
Intercepting network connections in the malware lab
Analyzing Web browser malware implemented in JavaScript and Flash
Core concepts for reverse-engineering malware at the code level

Learning
Prerequisites: CFI1065, CFI1205