Overview
Explore malware analysis on Windows systems with practical, hands-on training. This programme provides a beginner-level introduction to the tools and methodologies used to perform malware analysis on executables found in Windows systems using a practical, hands-on approach. The programme introduces learners to decompilation with Ghidra and introduces Windows Technologies that are prevalent in malware such as WMI, .NET, and PowerShell. The content is taught by FLARE malware analysts who are experienced in analysing a diverse set of malware.
Key Takeaways
At the end of this programme, you will be able to:
- Quickly perform malware triage using a variety of techniques and tools without running the malware
- Analyse running malware by observing file system changes, function calls, network communications and other indicators
- Learn about code compilation and how to interpret decompiled Windows code
- Analyse basic .NET and PowerShell malware and interpret WMI commands
- Use Ghidra, the open-source disassembler/decompiler
Who Should Attend
- Please refer to the job roles section.
- Targeted at Information technology professionals, information security professionals, corporate investigators and professionals who need to understand how malware functions operate and the processes involved in malware analysis.
Prerequisites
- General knowledge of computer and operating system fundamentals.
- Exposure to computer programming fundamentals and Windows Internals experience (recommended).
What To Bring
Students are required to bring their own laptop that meets the following specs:
- VMware Workstation 10+ or VMware Fusion 7+.
- 30 GB of free HDD space.
Programme Structure
This programme will cover the following topics:
- Malware Autopsy
- Running Malware
- x86 Assembly Language
- IDA Pro and Disassembly Analysis
| Full Fee |
Full programme fee | S$2137 |
8% GST on nett programme fee | S$192.33 |
Total nett programme fee payable, including GST | S$2329.33 |
With effect from 1 Jan 2024
Step 1
| Apply through your organisation's training request system
|
Step 2
| Your organisation's training request system (or relevant HR staff) confirms your organisation's approval for you to take the programme. Your organisation will send registration information to the academy. Organisation HR L&D or equivalent staff can click here for details of the registration submission process. |
Step 3
| GovTech Digital Academy will inform you whether you have been successful in enrolment.
|