Courses | Technitics Consulting
Malware Research and Analysis
Overview
Malware Research & Analysis go hand in hand. The objective of this exam is to identify the level of understanding & experience of the Candidate in this domain. Malware Coding skills are expected.
Pre-requisites
- Programming experience.
- Assembly Language knowledge.
- Understanding of common executable file formats / Debugging Concepts.
- Expertise in Reverse Code Engineering.
- Good knowledge of reversing Packed / Protected applications.
- Thorough knowledge of all types of Malware & their Analysis.
Lab exam blueprint
The candidate will be provided with a Sample Malware. Within the allotted time period, the candidate is expected to perform a Complete Analysis of the Sample & submit a report.
Tools recommended
- Hex-Editors
- PEiD
- ImpRec
- LordPE
- OllyDbg / IDA Pro / Immunity Debugger or any other debugger of your choice along with the necessary plugins.
- Decompilers like .NET Reflector & its plugins / JAD & so on.
- VM software, Sysinternals Suite, etc.
Expected Solution Format
At the end of the lab exam, the candidate is required to submit a report that explains exactly how the Malware Sample was Analysed. It is expected to be as technical as possible, with every single detail mentioned.
Report must include
- Tools used.
- The problems that you faced.
- Your approach to solve the problems.
- Type of the Malware.
- Hidden tricks, if any.
- What exactly does the Malware do?
- A Solution / Fix / Signature for the provided Malware Sample.
- If any programming was required, we expect the source-code to be submitted.
Solutions have to be submitted in PDF / Word Document format.