This webcast introduces you to practical approaches of reverse-engineering malicious software on a Windows system. I cover behavioral and code analysis phases, to make this topic accessible even to individuals with a limited exposure to programming concepts. You’ll learn the fundamentals and associated tools to get started with malware analysis.
You can view and listen to the recorded version of this webcast below. You can also download my slides, complete with full speaker notes. These slides are also useful when you cannot see full details on your screen while watching the webcast.
The presentation walks you through the analysis of a trojan program. If you’d like to experiment with the specimen, you can download the malicious executable here. The password for the archive is the word “malware”. To extract the malware sample, use 7-Zip. Be careful to take the lab isolation precautions I discuss in the presentation!
For more webcasts like this, see my listing of Introductory Malware Analysis Webcasts. If you’d like to learn about the full malware analysis course I teach at SANS Institute, take a look at the FOR610 course page.