
Introduction to Malware Analysis - Presentation

My popular malware analysis course has helped IT administrators, security professionals, and malware specialists fight malicious code in their organizations. In this presentation, I introduce the process of reverse-engineering malicious software. I cover the behavioral and code analysis phases in a way that makes this topic accessible even to individuals with limited exposure to programming concepts. You'll learn the fundamentals and associated tools to get started with malware analysis.

The recorded version of the webcast is temporarily unavailable. However, you can download my slides, complete with full speaker notes (PDF).

The presentation walks you through the analysis of a trojan program. If you'd like to experiment with the specimen, you can download the malicious executable here. The password for the archive is the word "infected". Be careful to take the lab isolation precautions I discuss in the presentation!

If you have any questions regarding the materials, drop me a note. If you'd like to learn about the full Reverse-Engineering Malware course I teach at SANS Institute, take a look at the REM course page.


About the Author: Lenny Zeltser leads the security consulting practice at Savvis. His team provides security assessments, design, and operational assistance for business-critical IT infrastructure. Lenny also teaches malware analysis at SANS Institute, explores security topics at conferences and in articles, and volunteers as an incident handler at the Internet Storm Center.