Introduction
Table of Contents
1. General Information
- Class: Malware Analysis and Incident Forensics
- Topic: Introduction
Classroom Code: urcmtcq. The website is used to send announcements and to upload slides and information about the exams. Textbook: Practical Malware Analysis; we use the book for the methodology it describes, not for its malware strategies or samples.
The exam is made up of two parts: a 3h practical test (analyze a sample, write a report and answer a set of questions on the sample) and a 30m questionnaire of multiple-choice questions with no evaluation, only admission. There is no mandatory homework, but there will be exercises for practice.
During the course we’ll deal with Windows 32-bit malware (for practical reasons), and we’ll learn the basic methodologies of malware analysis: static analysis and dynamic analysis. We analyze malware because understanding how people attack us gives us hints on how we can protect ourselves. We won’t consider the exploitation part of the malware, only the payload.