This course, Tier 2, focuses on intermediate anaylsis of a file that has been deemed suspicious with the intent of determining what the file does and how it does it. The follow-on course addresses more detailed malware analysis procedures and how to develop detection and remediation methods. The course lectures are supplemented with hands-on exercises to reinforce the learning process.
The goal is to give the student experience with more in-depth static and dynamic malware analysis. The student will learn to employ reverse engineering techniques via static and dynamic approaches to gain more detailed understanding of the threat.
Each module includes a discussion segment, assessment, or hands-on exercises as appropriate. Each student is expected to participate actively in the course. The course will culminate with the application of lessons learned on one or two case scenarios.