Malware Analysis Professional (MAP)

Are you interested in dissecting malicious software in order to understand its mechanics and purpose? The Malware Analysis Professional Learning Path provides a holistic approach to reverse engineering and analyzing all aspects of malware. During the learning process, you will come across realistic and even real-world malware such as ransomware, botnets, and RATs, against which you will perform reverse engineering, static analysis, and dynamic analysis activities. The Malware Analysis Professional Learning Path also prepares you for the MAP exam and certification.

COURSE DESCRIPTION

Malware Analysis Professional (MAP) is an online, self-paced training course that teaches students the knowledge and skills necessary to dissect malicious software in order to understand its mechanics and purpose.

In this course, you will be able to:

  • Work with realistic malware samples created to prepare you for real-world samples
  • Analyze real-world samples: ransomware, botnets, RATs, etc.
  • Explore an entire module dedicated to x64 assembly
  • Dive into the TLS method
  • Understand how malware uses Windows APIs to carry out its malicious activity
  • Debug samples using different debuggers

MAP provides a holistic approach to dissecting malware. You will also learn more about reverse engineering, adding a skill to your arsenal that lets you dissect a product to understand its blueprint and how it was made. You will also:

  • Understand and bypass Anti-Reversing techniques
  • Learn about IA-32 CPU Architecture
  • Perform full manual unpacking on packed executables
  • Learn different methods to locate the important algorithms

MAP is a self-paced course that comes with 36 labs so you can develop your knowledge and test your skills through hands-on dissection and analysis of malicious software. In the Reverse Engineering portion of MAP, there are 10 downloadable, offline labs (executables) that provide practical reverse engineering experience. Additionally, this content comes with videos that give step-by-step guidelines and an in-depth explanation of every technique.

Course material

  • Over 8 hours of HQ video training material
  • 1800+ interactive slides across 21 modules
  • 36 hands-on malware analysis and reverse engineering challenge labs, with 800+ pages of lab manuals

PREREQUISITES

Basic knowledge and understanding of:

  • Networking and network protocols: TCP, UDP, ARP, ICMP, etc.
  • Operating systems and computer architecture concepts
  • Programming languages: x86 Assembly, C, C++, and Python
  • Information security: cyber attacks, malicious content, exploitation, shellcode, and digital forensic investigations

WHO SHOULD TAKE THIS COURSE?

The target audience for this course is:

  • Incident Responders
  • Digital Forensic Examiners
  • Malware Analysts
  • Penetration Testers who want to adapt malware methods for their penetration tests
  • Reverse Engineers with 0 – 2 years of experience
  • Cybersecurity Researchers and Students

ORGANIZATION OF CONTENTS

The student is provided with a suggested learning path to ensure the maximum success rate with the minimum effort.

SECTION 1: MALWARE ANALYSIS

  • Module 1: Introduction to Malware Analysis
  • Module 2: Static Analysis Techniques
  • Module 3: Assembly Crash Course
  • Module 4: Behavior Analysis
  • Module 5: Debugging and Disassembly Techniques
  • Module 6: Obfuscation Techniques

SECTION 2: REVERSE ENGINEERING

  • Module 1: The Necessary Theory: Part 1
  • Module 2: The Necessary Theory: Part 2
  • Module 3: The Necessary Theory: Part 3
  • Module 4: VA/RVA/OFFSET & PE File Format
  • Module 5: String References & Basic Patching
  • Module 6: Exploring the Stack
  • Module 7: Algorithm Reversing
  • Module 8: Windows Registry Manipulation
  • Module 9: File Manipulation
  • Module 10: Anti-Reversing: Part 1
  • Module 11: Anti-Reversing: Part 2
  • Module 12: Anti-Reversing: Part 3
  • Module 13: Code Obfuscation
  • Module 14: Analyzing Packers & Manual Unpacking
  • Module 15: Debugging Multi-Thread Applications

HERA LABS

The MAP course is a practice-based curriculum. Being integrated with Hera Lab, the most sophisticated virtual lab in IT Security, it offers an unmatched practical learning experience. Hera is the only virtual lab that provides fully isolated per-student access to each of the real-world scenarios available on the platform. Students can access Hera Lab from anywhere through VPN.

Modules will be accompanied by 26 hands-on malware analysis labs, with an additional 10 Win32 applications to reverse engineer.

SECTION 1 MALWARE ANALYSIS LABS

MODULE 1 LABS

  • Lab 1: Evidence Acquisition using KAPE

MODULE 2 LABS

  • Lab 2: File Identification
  • Lab 3: Analyzing PE File Structures
  • Lab 4: Packed Malware Identification And Basic Analysis
  • Lab 5: From IOCs to YARA Rules

MODULE 3 LABS

  • Lab 6: Writing and Debugging Assembly x64 Code

MODULE 4 LABS

  • Lab 7: Working with Windows Processes
  • Lab 8: Analyzing a Custom Downloader
  • Lab 9: Working with DLLs and DLL Injection
  • Lab 10: Dynamically Analyzing a Custom Backdoor
  • Lab 11: Dynamically Analyzing a KeyLogger

MODULE 5 LABS

  • Lab 12: Reverse Engineering a 64-bit Downloader Using x64dbg
  • Lab 13: Debugging a 64-bit Downloader Using x64dbg
  • Lab 14: Debugging a 64-bit Dropper
  • Lab 15: Reverse Engineering a Keylogger using IDA Pro
  • Lab 16: Reverse Engineering a Bot Using IDA Pro
  • Lab 17: Analyzing the WannaCry Ransomware
  • Lab 18: Reverse Engineering a Custom Backdoor using IDA Pro (64-bit)

MODULE 6 LABS

  • Lab 19: Manually Unpacking a Malware Using x64dbg
  • Lab 20: Manually Unpacking UPX using x64dbg
  • Lab 21: Manually Unpacking Real-Life Sample (Redaman)
  • Lab 22: Manual Unpacking Real-Life Sample (Locky)
  • Lab 23: Binary Patching KillemAll Malware
  • Lab 24: Debugging Obfuscated Downloader
  • Lab 25: Debugging Process Hollowing (RunPE)
  • Lab 26: Debugging Process Hollowing with TLS Callbacks

SECTION 2 REVERSE ENGINEERING LABS

MODULES 5 – 15 LABS

  • Lab 27: String References & Basic Patching
  • Lab 28: Exploring the Stack
  • Lab 29: Algorithm Reversing
  • Lab 30: Windows Registry Manipulation
  • Lab 31: File Manipulation
  • Lab 32: Anti Reversing Tricks I
  • Lab 33: Anti Reversing Tricks II
  • Lab 34: Anti Reversing Tricks III
  • Lab 35: Code Obfuscation
  • Lab 36: Analyzing Packers & Manual Unpacking

Course Highlights

  • Malware Analysis
  • Working with Windows Processes
  • Anti-Reversing
  • Behavior Analysis
  • Malware Identification And Basic Analysis
  • Analyzing Packers & Manual Unpacking
  • Debugging Multi-Thread Applications
