Malware Analysis: Identifying and Defeating Packing

Focused View

Josh Stroschein

2:17:25

25 View

01.Course Overview

0101.Course Overview.mp4

01:51

02.Why Packing Affects Your Analysis

0201.Course Introduction.mp4

01:06

0202.Why Malware Authors Pack Code.mp4

05:22

0203.Module Introduction.mp4

00:45

0204.Common Packing Scenarios.mp4

04:49

0205.What You Should Know.mp4

02:22

0206.Conclusion.mp4

00:34

03.How Packers Work

0301.Module Introduction.mp4

01:02

0302.Detecting Signs of Packing.mp4

07:15

0303.Demo Packikng a Hello World.mp4

05:46

0304.Detecting Packers with Signatures.mp4

05:33

0305.Demo Packer Detection with Tools.mp4

04:48

0306.Lab Identification and Unpacking.mp4

02:59

0307.Conclusion.mp4

02:03

04.Identifying Custom Packers

0401.Module Introduction.mp4

01:03

0402.When Signatures Fail - Detecting Custom Packers.mp4

07:55

0403.Demo Detecting Custom Packers.mp4

05:11

0404.Using Sandboxes for Unpacking.mp4

05:23

0405.Lab Detecting Custom Packers.mp4

07:09

0406.Conclusion.mp4

01:12

05.Performing Manual Unpacking

0501.Module Introduction.mp4

01:07

0502.Unpacking by Memory Analysis.mp4

07:33

0503.Demo Unpacking a Ransomware.mp4

09:04

0504.Deeper Understanding of Packing Logic through Reverse Engineering.mp4

05:18

0505.Demo Unpacking a Simda.mp4

09:07

0506.Demo Tracing More Complex Unpacking Logic.mp4

09:48

0507.Lab Unpacking Custom Packers.mp4

14:54

0508.Conclusion.mp4

01:23

06.Leveling up Your Skills

0601.Module Introduction.mp4

00:26

0602.What You Learned.mp4

02:10

0603.Leveling up Your Skills.mp4

01:53

0604.Conclusion.mp4

00:34

Description

Malware authors routinely utilize packing techniques to complicate the analysis of their code. This course will teach you techniques for identifying and defeating packing so that key characteristics and behaviors can be identified.

What You'll Learn?

Malware authors will routinely utilize obfuscation techniques to complicate the analysis of their code. One such technique is packing, in which a malicious program is layered inside another program. In Malware Analysis: Identifying and Defeating Packing, you will gain the skills necessary to not only identify prevalent packing techniques, but also how to effectively defeat them. First, you will learn how packers work and how malware authors regularly use them. Next, you will learn how to detect common packers and methods for unpacking. Finally, you will learn about custom packers, how you can identify them and effective ways for defeating them. Each module of this course will include detailed demonstrations and hands-on labs that will allow you to analyze real-world malware. You will be going deep into malware packing techniques with such tools as IDA Pro and WinDbg, by the end of this course you will have the knowledge and skills to effectively tackle packing!

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Ethical Hacking

Penetration Testing

Josh Stroschein

Instructor's Courses

Josh is an experienced malware analyst and reverse engineer and has a passion for sharing his knowledge with others. He is a reverse engineer at Google (Chronicle), where he focuses on tackling the latest threats. Josh is an accomplished trainer, providing training at places such as Ring Zero, BlackHat, Defcon, Toorcon, Hack-In-The-Box, Suricon, and other public and private venues. Josh is also an author on Pluralsight, where he publishes content around malware analysis, reverse engineering, and other security related topics.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.