Analyze and Classify Malware

Description

CybrScore’s Analyze and Classify Malware is a Cybrary lab intended for students of intermediate level. The Analyze and Classify Malware lab teaches students how to create and conduct basic static analysis of a malicious executable file. Kali Linux has a variety of built-in tools that are useful for different types of malware analysis, and in this lab, students will use several of these tools to conduct basic static analyze on a malware sample. Students will learn how to use the available tools to hash a malicious file and create a 3D representation of the malicious file for analysis and comparison against known malware samples. Students begin the lab by using a terminal in Kali Linux to create a malicious binary file on a virtual web server for the victim to launch. Students then use several Kali Linux tools, including binwalk, ExifTool, and MD5deep, to perform analysis on the file. CybrScore’s Analyze and Classify Malware lab takes approximately 1 hour to complete.

CybrScore’s Analyze and Classify Malware lab is part of the Cyber Defense Forensics Analyst career path. Completion of the Analyze and Classify Malware lab means that the student has demonstrated the ability to conduct basic static analysis of a malicious executable file. Students will demonstrate the ability to use tools in Kali Linux to conduct basic analysis on malware samples and the ability to create a 3D representation of a malicious file for analysis purposes.