A Complete Practical Approach to Malware Analysis & Threat Hunting Using Memory Forensics - 2024 Edition [2101]

This 2-day hands-on training teaches the concepts, tools, and techniques to analyze, investigate, and hunt malware by combining two powerful techniques malware analysis and memory forensics. This course will introduce attendees to the basics of malware analysis, reverse engineering, Windows internals, and memory forensics. Then, it gradually progresses into more advanced concepts of malware analysis & memory forensics. Attendees will learn to perform static, dynamic, code, and memory analysis. To keep the training completely practical, it consists of various scenario-based hands-on labs after each module which involves analyzing real-world malware samples and investigating malware-infected memory images (crimewares, APT malwares, Fileless malwares, Rootkits, etc.). This hands-on training is designed to help attendees gain a better understanding of the subject in a short period. Throughout the course, the attendees will learn the latest techniques used by adversaries to compromise and persist on the system. In addition, it also covers various code injection, hooking, and rootkit techniques used by adversaries to bypass forensic tools and security products. In this training, you will also understand how to integrate malware analysis and memory forensics techniques into a custom sandbox to automate malware analysis. After taking this course, attendees will be better equipped with the skills to analyze, investigate, hunt, and respond to malware-related incidents.



Whether you are a beginner interested in learning malware analysis, threat hunting & memory forensics from scratch, or an experienced professional who would like to enhance your existing skills to perform a forensic investigation to respond to an incident or for fun, this training will help you accomplish your goals.



Note: Students will be provided with real-world malware samples, malware-infected memory images, course material, a lab solution manual, video demos, custom scripts, and a Linux VM.