What to expect
This is a three-day course introducing students to malware analysis triage. Each topic includes a lecture, a lab, and a lab review, and we repeat that cadence throughout the three days. Students should have some exposure to cybersecurity as well as hands-on experience with virtual machines, including taking snapshots and configuring VM networking.
Audience
- Security Operations Center Staff
- Reverse Engineers
- Incident Responders
- Software Engineers
- System Administrators
Applicability
This course is designed to introduce students with some experience in cybersecurity to the field of malware analysis. Whether you are new to reverse engineering and want to understand malware better, or an experienced analyst in search of a refresher, this course will enhance your malware analysis skills. If seeking more of a challenge, consider registering for the Malware Analysis - Stage 2 course when offered.
Objectives
- Understand the structure of binary executable files
- Explore how malware commonly interacts with operating system internals
- Apply static and dynamic analysis tools to malware samples
- Trace low-level program flow in a binary
- Understand and write YARA rules to detect future threats
- Identify and analyze common malware techniques and behaviors
- Explore how AI can assist in the reverse engineering process
Typical Agenda
Setup
We will provide a pre-built Windows virtual machine for this course. The download link will be sent by email in the weeks leading up to the event. We strongly recommend running it under VMware Workstation (on a Windows host) or VMware Fusion (on a Mac). Because the labs involve live malware samples, take a clean snapshot of the VM before the first lab and keep its network adapter isolated (host-only or disconnected) unless a lab instructs otherwise.