Trainer

            Christos Apostolakis, Zelus

Session Details

  1. Session Title:
    Analyzing Malware samples using Forensics Analysis Tools
  2. Session Description:
    This session will focus on identifying malware and analyzing its processes using memory analysis tools. Participants will learn techniques for dumping processes to facilitate malware analysis.
  3. Key Learning Objectives:
    Understand the methodology for initiating an analysis of a malware infection incident.
    Learn to identify malicious processes and extract critical information about the methods used to infect the system.
    Gain insights into how malware functions, enabling participants to recover and mitigate its impact.

Lab Details

  1. Lab Title:
    Malware Infection Incident Analysis with Volatility and Other State-of-the-Art Digital Forensics Tools
  2. Lab Description:
    The lab focuses on the use of digital forensics tools that will help participants understand the methodologies used to identify malware infections, analyze the evidence, and perform malware analysis.
  3. Key Learning Objectives:
    Utilize memory forensics tools to identify and analyze processes of an infected system in order to locate and isolate malicious software.
    Perform process dumping to capture malware and evaluate its functionality.
  4. Tools/Software Required:
    Volatility 3, hex editor (xxd), aeskeyfind
    Virtual Environment: Kali Linux or other preferred Linux Distro with the essential tools installed