Practical Malware Analysis Course free download
What is Malware Analysis?
So what exactly is malware analysis? Malware analysis is the process of analyzing a malware sample or a binary and extracting as much information as possible from it. The information that we extract helps us to understand the scope of the functionality of the malware, which means what exactly this malware does or what it can do, and how the system was infected. We are trying to find out how this piece of malware got onto the system so that we can prevent it from happening again and defend against similar attacks in the future.

Which then brings up the question: what are the clear-cut objectives of performing malware analysis, for a company and for yourself? Really for a company, because companies are the organizations, or rather the groups of people, that are really the target now for attackers. The objectives of malware analysis are:

1. To understand the type of malware and the entire scope of what it can do. Is this a remote access tool? Is this a Trojan? Is it a keylogger? Does it have extended functionality? Does it also have a dropper?
2. To find out how the system was infected. Was this a targeted attack or was it a phishing attack? Knowing this, you can prevent it from happening again and build up your defense in depth.
3. To find out how the malware communicates with the attacker. For example, if it is a remote access tool, is it connecting back to a command and control center? Is it connecting back to a web server? Understanding this lets us understand the infrastructure behind it.
4. Lastly, and most importantly, to extract useful indicators, like registry entries or keys and filenames or new filenames, for the purpose of generating signatures that can then be used for future detections. This is what antivirus companies do with the various pieces of malware: they analyze them, extract useful indicators like the registry entries that have been added or modified and the filenames that the malware creates, and with that they generate signatures that are then used to detect any future infections.

Now let's take a look at the types of malware analysis that we'll be covering in this course: static analysis, dynamic analysis, code analysis and behavioral analysis.

Static analysis is the process of analyzing malware without executing or running it. This is very important, and the name gives it away: it's static. We are not executing the sample, we are simply trying to extract information from it. The objective is to extract as much metadata from the malware as possible. The metadata I'm referring to are things like strings or PE headers. If you're not familiar with those terms, don't worry, we'll be covering all of that when we take a look at static analysis in depth.

Dynamic analysis, as the name suggests, is the process of executing the malware and analyzing its functionality and behavior. We will be taking a look at behavior in depth when we talk about behavioral analysis, but the objective in dynamic analysis is to understand exactly how and what the malware does during execution, and this is mostly monitored in a debugger. I'll explain how dynamic analysis differs from behavioral analysis, because you can handle it differently depending on how you like it, but I like going at it step by step.

Code analysis is very important because it involves the process of analyzing or reverse engineering assembly code. This can be done both statically and dynamically: you can do it when the executable has not been executed, or you can do it dynamically while you're executing the program. It is done to understand what piece of code does what. You're trying to see what the malware is doing during a given section of code, and through that you get an understanding of the malware's functionality.

Finally, you have one of my favorite aspects, which is behavioral analysis. This is the process of analyzing and monitoring the malware after execution, or right from the point of execution onwards. It involves monitoring the processes, the registry entries and the network to determine the workings of the malware. The objective here is to understand what the malware is doing from the point of execution: is it creating any new files, is it creating any new registry entries, is it editing any registry entries, is it sending data or any information back to the attacker?
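As an added example (not part of the original course material), the static-analysis step described above can be sketched in Python: it reads the DOS and COFF headers and pulls printable strings out of a buffer without executing it. The sample bytes, the file name in them and the helper names are constructed for illustration.

```python
import re
import struct
from datetime import datetime, timezone

MACHINES = {0x014C: "x86", 0x8664: "x64"}  # IMAGE_FILE_MACHINE_* values

def build_sample() -> bytes:
    """Constructed, inert PE-like buffer (headers plus two strings); not real malware."""
    dos = bytearray(0x40)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)   # e_lfanew: file offset of the PE signature
    # Machine, NumberOfSections, TimeDateStamp, symbol ptr, symbol count, opt size, flags
    coff = struct.pack("<HHIIIHH", 0x014C, 1, 0x5E000000, 0, 0, 0xE0, 0x0102)
    strings = (b"Software\\Microsoft\\Windows\\CurrentVersion\\Run\x00"
               b"\x01\x02ab\x00svch0st_update.exe\x00")
    return bytes(dos) + b"PE\x00\x00" + coff + b"\x00" * 8 + strings

def parse_pe_header(data: bytes) -> dict:
    """Read the DOS and COFF file headers; nothing in the sample is executed."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing or truncated MZ (DOS) header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("PE signature not found at e_lfanew")
    machine, sections, stamp, _, _, _, flags = struct.unpack_from(
        "<HHIIIHH", data, e_lfanew + 4)
    return {
        "machine": MACHINES.get(machine, hex(machine)),
        "sections": sections,
        # Set by the linker and easy to forge, so treat it as a hint only.
        "compiled_utc": datetime.fromtimestamp(stamp, timezone.utc).isoformat(),
        "is_dll": bool(flags & 0x2000),          # IMAGE_FILE_DLL
        "is_executable": bool(flags & 0x0002),   # IMAGE_FILE_EXECUTABLE_IMAGE
    }

def extract_strings(data: bytes, min_len: int = 4) -> list:
    """Return runs of printable ASCII at least min_len long, like the `strings` tool."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.decode("ascii") for m in re.findall(pattern, data)]

if __name__ == "__main__":
    sample = build_sample()
    print(parse_pe_header(sample))
    for s in extract_strings(sample):
        print(s)
```

The registry path and file name it recovers are the kind of indicators that feed signature generation, the fourth objective listed earlier.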
What is Malware?
What exactly is malware? That should be the main question in your head if you don't know exactly what it is. Malware is an executable or a binary that is malicious in nature. Malware is used by attackers to perform a variety of malicious actions. One example could be spying on a target through the use of a remote access tool or a keylogger. Secondly, they could be performing data exfiltration and/or destruction of data, so they could be stealing data from the target or they could be destroying data. One of the most popular examples right now is data encryption and destruction, and this is done through ransomware. The whole idea of financial gain from pieces of malware like ransomware is becoming very popular. This course is going to tackle various pieces of malware as well, so it will be really exciting to take a look at that and reverse-engineer various pieces of ransomware. That is, in essence, what malware is.
Types of Malware
Now let's talk about the types of malware, because malware is a very wide or broad subject to describe in one paragraph, and we need to understand that the various types of malware are sorted further according to their functionality. First, malware refers to any binary or executable that is malicious; that has been established. Secondly, malware is sorted into further denominations based on functionality.

Here are the various types of malware, sorted in terms of their functionality and what they do. Mind you, these are very basic or very minimal examples of the various types of malware that exist. I'm simply listing the most popular ones and the best examples of how they differ in terms of functionality. One thing they share in common is that they all intend to do something malicious to the target, or they all have malicious intent. That may not be entirely true for remote access tools, but they have to be considered a piece of malware because they can be used for illegal as well as legal deployment.

Number one is Trojans. Trojans are a type of malware that disguise themselves as legitimate programs for the purpose of social engineering. You're trying to get a user to click on a program, and you've disguised it as a legitimate program. It's very similar to binding a payload to an existing exe file, for example the Chrome setup, and then exploiting the system through the use of that, so you have essentially performed a type of social engineering. The functionality of a Trojan is limited to the fact that it can destroy and exfiltrate data from a system; however, we have seen different variants that can also be used for spying.

Secondly, we have remote access tools, and again I'm going to mention the fact that remote access tools are used with both legal and illegal intent, and that should be taken into consideration. They are a type of malware that allows the attacker to remotely access and execute commands on the system. If you've taken a look at the various remote access tools out there, you can see that they vary in terms of functionality. A remote access tool is considered the best because it offers you more functionality. I recently reviewed the Remcos RAT on my channel, and you could see the various amounts of functionality. Functionality can be stripped or extended with the use of other pieces of malware, or modules as they're called, like keyloggers. Remote access tools are extremely complex, and we'll be taking a look at some of the basic ones, because performing an analysis on them really takes a while; as I said, they have a ton of features.

We then move on to ransomware, which, as I've mentioned, is becoming extremely popular now, and we'll be taking a look at decrypting and analyzing some of the various strains of ransomware out there. This is a type of malware that encrypts all the files on the system and holds the system and its data for ransom: you have to pay a ransom to decrypt those files.

We then have a dropper. You may not be familiar with what a dropper is, but quite simply it is a type of malware whose purpose is to download or to drop additional malware onto the system. It may not have any malicious intent apart from the fact that it downloads the actual malware, and droppers are usually used to avoid initial detection, so the user isn't suspicious of what's going on. It may also be bound to a legitimate program that then downloads or drops the malware onto your system. Very dangerous stuff there, and we'll be taking a look at various droppers as well.

Those are the most popular types of malware that exist, and these are all the classifications in regards to what we are going to be focusing on. I know that these are just a very small sample of the pieces of malware out there, but as I said, this is what we will be focusing on.
Conclusion
This course contains all the materials you require, so it is really good. Download it and enjoy, and make sure to subscribe to our YouTube channel, 5G GYAN. You can find our YouTube channel, Instagram and Telegram channel, where you will get daily updates that can be very helpful to you. I hope you like this post and course. Thank you.