Module 1 Objectives

00:00

Hello, everyone. And welcome to malware analysis Redux. My name is Brian Rogowski. Now, before we dive into the course material, I just want to take a few minutes to cover some housekeeping items. I want to introduce myself, cover our objectives for the course. Now, as I mentioned, my name is Brian Rogowski, your instructor for malware Analysis Redux.

00:19

So let's start off with a little information about me.

00:22

So I got started in the cybersecurity sphere over 10 years ago, working in the financial industry on various information security teams. Now, while in the financial sector, I found the field of malware analysis very interesting. So I decided to take a malware analysis course.

00:38

Now, after deciding malware analysis was the right path for me, I chose to move to D. C. And work for various government entities as, um, our intelligence analyst.

00:48

While I was working as a malware analysts, I also found the field of data science very interesting and found that I could use these various tools and methodologies and apply them to information security and the malware analysis process.

01:00

Now, along with ex skates and Sai Buri, I'm instructor reverse engineer researcher, security data scientist and author, publishing various courses, blog's and articles. Personally, I've been extremely blessed to have lived in various countries such as Ukraine, Spain, in the UK I love learning languages in my spare time,

01:18

and over the past few years I've become pretty proficient and Russian and Spanish.

01:23

In the malware analysis Redux course, we have three main goals. The first one is to demonstrate the ability to analyze malware and perform reverse engineering tasks.

01:34

The second is to develop and demonstrate proficiency in computer science such as programming, data analysis and mathematics, and then apply those to the reverse engineering tasks

01:46

and thirdly will exhibit our technical writing and communication competencies. This will be demonstrated as we provide details of the malware, functionality and analysis reports.

01:57

To be successful in the Malware Analysis Redux course, you'll need some knowledge of programming languages now, although you don't need to be a programmer. Having knowledge of concepts like data structures and memory management will help you greatly during the reverse engineering process.

02:12

You'll also need to know how to set up and use virtualization technologies so you can analyze malware samples in your lab

02:17

now, although I use the M where throughout the course feel free to use virtual box or any other platform with which you feel comfortable.

02:25

Next. You should be familiar with Windows OS fundamentals and have performed some our analysis in the past.

02:32

If you haven't performed malware analysis before, not to worry, I'll be covering some fundamental topics as we move throughout the course.

02:40

The malware Analysis Redux courses designed for I T professionals looking to acquire some skills and perform some. Now we're analysis.

02:49

It's also form our analysts who wish to take a few steps forward on the path to becoming a reverse engineer. Its for threat intelligence analysts who wish to know more about the malware analysis process

03:00

and, lastly, for reverse engineers looking to review or get help with specific reverse engineering tasks.

03:07

In this course, we're going to review many aspects of the malware analysis process, and at first I want to prepare you by examining some various malware triage strategies, some handling procedures, reverse engineering tools and by examining some malware artifacts.

03:25

Next, we'll examine the X 86 x 64 low level languages. I'll continue in Module three by exploring dynamic and static analysis techniques in Module four will move on to overcoming malware challenges such as obfuscation and encryption. And lastly, in Module five, we'll explore

03:46

memory analysis.

03:46

All right, so with those housekeeping items out of the way, I hope you are ready to start the course. I am excited to get going, so let's begin with Module one. Reverse engineering preparation module one. Ari preparation.

04:01

All right, So before we get into module one, let's take a look at our objectives, and we've got a few.

04:08

The first one is recalling. The malware analysis process here will learn about what the process looks like. Understand the different opponents and understand why we perform malware analysis or reverse engineering.

04:20

Also in this module will summarize Ari tools and what purpose they serve.

04:27

Next will restate the malware handling process and look at why it's important. And lastly, we'll describe the p e file format, define Windows components, examine virtual memory Windows 32 AP eyes and libraries, and examine malware components and distribution channels.