In this module, we will take a closer look at basic network dynamic analysis. In the real world, most malware has some kind of network presence. We'll begin with Indicators of Compromise (IOCs) such as file hashes, domain names, network traffic, strings, registry keys, file names, file paths, process names, URLs and IP addresses. We'll also cover how to use OpenIOC and segregate some indicators. Note that any single indicator on its own may not be useful, but when combined with other indicators it becomes critical in dynamic analysis. You'll also learn about YARA, which is used for identifying indicators. We'll also walk through three websites that'll help you understand these concepts better. These include: www.github.com, www.malware-analyzer.com and www.opensecuritytraining.info.
Intro to Malware Analysis and Reverse Engineering
In this course you will learn how to perform dynamic and static analysis on all major file types, how to carve malicious executables from documents, how to recognize common malware tactics, and how to debug and disassemble malicious binaries.