O'Reilly - Introduction to Malware Analysis for Incident Responders
by Jason Dion | Publisher: Packt Publishing | Release Date: May 2018 | ISBN: 9781789530612
Increase your cybersecurity capability by learning to perform dynamic and static malware analysis!

About This Video
- You will build your own malware analysis virtual lab to create a safe analysis environment using FlareVM.
- We will perform the analysis on a real-world piece of malware to fully understand the concepts covered in this course.

In Detail
Nearly every incident response in the cyber security field comes back to the initial intrusion vector: malware. In this course, you will learn about the various types and categories of malware, their symptoms, and how they work. As an incident responder, it is imperative that you understand the symptoms of malware, but more importantly that you are able to understand what that malware is doing, and quickly. So, if you have ever wondered how to better understand malware, this is the course for you!
- Chapter 1 : Introduction
- Welcome to the Course 00:02:53
- Chapter 2 : Malware Concepts: Building a solid foundation upon which to learn
- What is Malware? 00:01:35
- Symptoms and Activities 00:04:00
- Types of Malware 00:07:43
- Infection Vectors 00:05:35
- Chapter 3 : Malware Analysis: Foundational concepts before beginning to work with malware
- Malware Analysis Overview and Types 00:01:46
- Static Analysis 00:03:10
- Dynamic Analysis 00:04:03
- Chapter 4 : Setting Up the Analysis Environment (FlareVM)
- Install VirtualBox 00:02:39
- Install Windows 10 00:03:48
- Download and Install FlareVM 00:06:17
- Creating a Snapshot of the Clean FlareVM 00:04:03
- Disabling the Firewall and Antivirus 00:01:58
- Chapter 5 : Conducting the Analysis
- Attempting Static Analysis with Floss 00:02:35
- Beginning Dynamic Analysis with Autoruns 00:03:46
- Investigating the Scheduled Task 00:03:02
- Packet Analysis with Wireshark and Process Monitoring 00:09:34
- Files and Folders Created 00:03:45
- Static Analysis with IDA and OllyDbg 00:04:34
- Static Analysis with Process Dump 00:08:12
- Open Source Research 00:04:40
- Chapter 6 : Conclusion
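As an added example for the Chapter 4 lab-setup steps and the Chapter 5 Autoruns and scheduled-task lessons above (this is not code from the course or from Packt), the following Python script does two things an analyst wants automated: before detonation it checks, from the host, that the VirtualBox guest has no NAT or bridged NIC, no shared folders and a snapshot to roll back to; after detonation it diffs two Autoruns CSV exports (clean snapshot vs. post-run) and flags new entries that live in user-writable paths or reuse a Windows system binary name outside \Windows. The key names from `VBoxManage showvminfo --machinereadable` and the column names from an `autorunsc -c` export are assumed from those tools; every sample input in the block is constructed, not captured from a real system.

```python
"""Added example for the lab-setup and analysis steps above (not course code).

Part 1 checks, from the host, that a VirtualBox guest is isolated before a
sample is detonated.  Part 2 diffs two Autoruns CSV exports (clean snapshot
vs. after detonation) to surface new persistence such as a scheduled task.
All sample inputs below are constructed, not captured from a real system.
"""
import csv
import io
import ntpath
import re

# ---- Part 1: pre-detonation isolation check --------------------------------
# Excerpts in the key="value" shape of `VBoxManage showvminfo <vm> --machinereadable`
# (key names assumed from that tool; values constructed).
VMINFO_ISOLATED = '''name="FlareVM"
VMState="running"
nic1="hostonly"
hostonlyadapter1="vboxnet0"
nic2="none"
CurrentSnapshotName="clean"
'''
VMINFO_UNSAFE = '''name="FlareVM"
VMState="running"
nic1="nat"
nic2="none"
SharedFolderNameMachineMapping1="shared"
SharedFolderPathMachineMapping1="/home/analyst/shared"
'''

_KV = re.compile(r'^([^=]+)="?(.*?)"?$')
SAFE_NICS = {"hostonly", "intnet", "none"}  # no path to the host LAN or Internet


def parse_vminfo(text):
    """Turn showvminfo --machinereadable output into a dict."""
    info = {}
    for line in text.splitlines():
        m = _KV.match(line.strip())
        if m:
            info[m.group(1)] = m.group(2)
    return info


def detonation_blockers(info):
    """Reasons the guest is NOT safe to detonate malware in (empty list == go)."""
    problems = []
    for key, val in info.items():
        if re.fullmatch(r"nic\d+", key) and val not in SAFE_NICS:
            problems.append(f"{key} is '{val}', expected host-only/internal/none")
    if any(k.startswith("SharedFolderNameMachineMapping") for k in info):
        problems.append("shared folders mapped: the sample could write to the host")
    if not info.get("CurrentSnapshotName"):
        problems.append("no snapshot to roll back to")
    return problems


# ---- Part 2: post-detonation persistence diff ------------------------------
# Rows in the shape of an `autorunsc -a * -c -h` export, trimmed to the
# columns used here (column names assumed from that tool; rows constructed).
AUTORUNS_BEFORE = r'''Entry Location,Entry,Enabled,Category,Image Path,Launch String,SHA-256
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,SecurityHealth,enabled,Logon,c:\windows\system32\securityhealthsystray.exe,%windir%\system32\SecurityHealthSystray.exe,aaaa
Task Scheduler,\Microsoft\Windows\Defrag\ScheduledDefrag,enabled,Tasks,c:\windows\system32\defrag.exe,%windir%\system32\defrag.exe -c -h -o -$,bbbb
'''
AUTORUNS_AFTER = AUTORUNS_BEFORE + r'''Task Scheduler,\Updater,enabled,Tasks,c:\users\analyst\appdata\roaming\svchost.exe,C:\Users\analyst\AppData\Roaming\svchost.exe,cccc
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,OneDrive,enabled,Logon,c:\users\analyst\appdata\local\temp\one.exe,C:\Users\analyst\AppData\Local\Temp\one.exe,dddd
'''

USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\programdata\\", "\\users\\public\\")
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "csrss.exe", "explorer.exe", "winlogon.exe"}


def _identity(row):
    return (row["Entry Location"], row["Entry"], row["Image Path"].lower())


def new_autoruns(before_csv, after_csv):
    """Autoruns entries present only after detonation, each with risk flags."""
    baseline = {_identity(r) for r in csv.DictReader(io.StringIO(before_csv))}
    findings = []
    for row in csv.DictReader(io.StringIO(after_csv)):
        if _identity(row) in baseline:
            continue
        image = row["Image Path"].lower()
        flags = [tag.strip("\\") for tag in USER_WRITABLE if tag in image]
        name = ntpath.basename(image)
        if name in SYSTEM_NAMES and "\\windows\\" not in image:
            flags.append(f"masquerades as {name}")  # system binary name outside \Windows
        findings.append({"location": row["Entry Location"], "entry": row["Entry"],
                         "image": row["Image Path"], "sha256": row.get("SHA-256", ""),
                         "flags": flags})
    return findings


if __name__ == "__main__":
    for label, text in (("isolated", VMINFO_ISOLATED), ("unsafe", VMINFO_UNSAFE)):
        print(label, detonation_blockers(parse_vminfo(text)) or "OK to detonate")
    for f in new_autoruns(AUTORUNS_BEFORE, AUTORUNS_AFTER):
        print(f"NEW {f['location']} -> {f['entry']} ({f['image']}) flags={f['flags']}")
```

In real use, feed `parse_vminfo` the output of `VBoxManage showvminfo FlareVM --machinereadable` on the host, and feed `new_autoruns` two exports made inside the guest with `autorunsc -a * -c -h -nobanner`, one at the clean snapshot and one after the sample has run (decode the export to text first). Treating a non-empty result from `detonation_blockers` as a hard stop is the point of the Chapter 4 snapshot and isolation steps: once the firewall and antivirus are disabled, the host-only adapter and the snapshot are the only things keeping the sample contained.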