
Portable Executable (PE) files are the native executable format of the Windows operating system (.exe, .dll, .sys and similar). This file format is the most critical artefact in malware analysis, because the PE image carries the actual executable code that performs the infection behaviour and the command-and-control operations. In this section, we cover in detail how to analyse this file format and reverse engineer it using static and dynamic techniques.
This lecture covers advanced details of the structure of PE files and how to parse them using common security tools such as CFF Explorer and 010 Editor.
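To make the header layout concrete before opening a sample in CFF Explorer or 010 Editor, here is an added example in Python (not course material, and not the output of either tool) that walks the DOS header, NT headers and section table with only the standard library, maps an RVA to a file offset the way the loader does, and flags sections marked both writable and executable. The PE bytes it parses are a constructed PE32+ skeleton built inline (valid headers, no real code), so the script runs offline; every offset is bounds-checked because malformed samples routinely push e_lfanew or the section table outside the file.

```python
"""Minimal PE header parser (added example; Python standard library only)."""
import struct
from dataclasses import dataclass, field

IMAGE_DOS_SIGNATURE = 0x5A4D        # 'MZ'
IMAGE_NT_SIGNATURE = 0x00004550     # 'PE\0\0'
OPT_MAGIC_PE32 = 0x10B
OPT_MAGIC_PE32PLUS = 0x20B
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000


class PEFormatError(ValueError):
    """Raised when the bytes do not form a well-formed PE header."""


@dataclass
class Section:
    name: str
    virtual_size: int
    virtual_address: int
    raw_size: int
    raw_pointer: int
    characteristics: int


@dataclass
class PEInfo:
    machine: int
    timestamp: int
    is_pe32plus: bool
    entry_point: int                      # RVA of AddressOfEntryPoint
    image_base: int
    sections: list = field(default_factory=list)


def parse_pe(data: bytes) -> PEInfo:
    """DOS header -> NT headers -> section table, bounds-checking every offset."""
    if len(data) < 0x40 or struct.unpack_from("<H", data, 0)[0] != IMAGE_DOS_SIGNATURE:
        raise PEFormatError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    # Malformed samples point e_lfanew outside the file; the loader rejects these too.
    if e_lfanew + 24 > len(data):
        raise PEFormatError("e_lfanew points outside the file")
    if struct.unpack_from("<I", data, e_lfanew)[0] != IMAGE_NT_SIGNATURE:
        raise PEFormatError("missing PE signature")
    coff = e_lfanew + 4                   # IMAGE_FILE_HEADER, 20 bytes
    machine, nsections, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20                       # IMAGE_OPTIONAL_HEADER
    if opt_size < 32 or opt + opt_size > len(data):
        raise PEFormatError("optional header truncated")
    magic = struct.unpack_from("<H", data, opt)[0]
    entry = struct.unpack_from("<I", data, opt + 16)[0]
    if magic == OPT_MAGIC_PE32:
        image_base, is_plus = struct.unpack_from("<I", data, opt + 28)[0], False
    elif magic == OPT_MAGIC_PE32PLUS:     # no BaseOfData field, ImageBase is 8 bytes at +24
        image_base, is_plus = struct.unpack_from("<Q", data, opt + 24)[0], True
    else:
        raise PEFormatError(f"unknown optional header magic {magic:#x}")
    info = PEInfo(machine, timestamp, is_plus, entry, image_base)
    table = opt + opt_size                # section headers follow the optional header
    for i in range(nsections):
        off = table + 40 * i
        if off + 40 > len(data):
            raise PEFormatError("section table truncated")
        name, vsize, vaddr, rsize, rptr, _, _, _, _, chars = struct.unpack_from("<8sIIIIIIHHI", data, off)
        info.sections.append(Section(name.rstrip(b"\0").decode("ascii", "replace"),
                                     vsize, vaddr, rsize, rptr, chars))
    return info


def section_for_rva(info: PEInfo, rva: int):
    """Section whose mapped range covers rva, or None (e.g. entry point outside any section)."""
    for s in info.sections:
        if s.virtual_address <= rva < s.virtual_address + max(s.virtual_size, s.raw_size):
            return s
    return None


def rva_to_offset(info: PEInfo, rva: int) -> int:
    """File offset of the bytes the loader maps at image_base + rva."""
    s = section_for_rva(info, rva)
    if s is None:
        raise PEFormatError(f"RVA {rva:#x} is not backed by any section")
    return s.raw_pointer + (rva - s.virtual_address)


def writable_executable_sections(info: PEInfo) -> list:
    """Names of sections with both WRITE and EXECUTE set: typical of packers and self-modifying code."""
    both = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_WRITE
    return [s.name for s in info.sections if s.characteristics & both == both]


def is_valid_pe(data: bytes) -> bool:
    """Quick triage check: do the headers parse at all?"""
    try:
        parse_pe(data)
        return True
    except PEFormatError:
        return False


def build_sample_pe(text_characteristics: int = 0x60000020) -> bytes:
    """Constructed PE32+ skeleton for this example: real header layout, no real code."""
    dos = bytearray(0x40)
    struct.pack_into("<H", dos, 0, IMAGE_DOS_SIGNATURE)
    struct.pack_into("<I", dos, 0x3C, 0x40)                                # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x8664, 2, 0x5F000000, 0, 0, 240, 0x22)  # AMD64, 2 sections
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, OPT_MAGIC_PE32PLUS)
    struct.pack_into("<I", opt, 16, 0x1000)                                # AddressOfEntryPoint
    struct.pack_into("<Q", opt, 24, 0x140000000)                           # ImageBase
    text = struct.pack("<8sIIIIIIHHI", b".text", 0x200, 0x1000, 0x200, 0x400, 0, 0, 0, 0, text_characteristics)
    data = struct.pack("<8sIIIIIIHHI", b".data", 0x100, 0x2000, 0x200, 0x600, 0, 0, 0, 0, 0xC0000040)
    image = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + text + data
    return image.ljust(0x800, b"\0")      # pad so the raw-data pointers fall inside the file


if __name__ == "__main__":
    pe = parse_pe(build_sample_pe(0xE0000020))   # .text marked RWX on purpose
    print(f"entry {pe.entry_point:#x} in {section_for_rva(pe, pe.entry_point).name}, "
          f"file offset {rva_to_offset(pe, pe.entry_point):#x}, W+X: {writable_executable_sections(pe)}")
```

The same three lookups are what you do by hand in CFF Explorer: read AddressOfEntryPoint, find the section whose VirtualAddress range contains it, then convert to a raw offset to locate the bytes in a hex editor. An entry point that lands in a writable and executable section, or outside every section, is the first hint that the sample is packed or deliberately malformed.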
This lecture tries to answer a simple question: what happens when a file is executed? What operations does the operating system perform to launch the process? This is an important concept to understand, as it lays the foundation for understanding how malware behaves when it executes on the Windows operating system.
This lecture covers some of the useful tools for quick static analysis of PE files.
Malware analysis is a critical skill in the information security community. This course is designed to help you work through the complicated steps of static and dynamic malware analysis in an easy and practical way. After this course, you will understand the core skills required for malware incident response investigations and for the analysis of advanced persistent threats (APTs). The course will guide you through the basic requirements and the skill sets needed to take your knowledge to the next level.
Some of the key takeaways from this course are:
You can post your queries and doubts in the course, and I will be more than happy to help you along your learning curve.