PLU | Malware Analysis: Identifying And Defeating Code Obfuscation (2019 EN)

Discussion in 'Information Technology' started by Kanka, Jul 15, 2019.

  1. Kanka


    Company: Pluralsight
    Author: Josh Stroschein
    Full Title: Malware Analysis: Identifying And Defeating Code Obfuscation
    Year: 2019
    Language: English
    Genre: Educational: Security
    Skill Level: Intermediate
    Price: -
    Files: MP4 (+ Exercise Files, Subtitles .SRT)
    Time: 02:22:30
    Video: AVC, 1280 x 720 (1.778) at 30.000 fps, 250 kbps
    Audio: AAC at 96 Kbps, 2 channels, 48.0 KHz



    Malware authors routinely utilize obfuscation techniques to complicate the analysis of their code. This course will teach you techniques for identifying and defeating code obfuscation so that key characteristics and behaviors can be identified.

    Malware authors will routinely utilize obfuscation techniques to complicate the analysis of their code. These techniques can prevent the discovery of important indicators of compromise and limit the ability to determine malware functionality. In this course, Malware Analysis: Identifying and Defeating Code Obfuscation, you will gain the skills necessary to not only identify prevalent obfuscation techniques but also how to effectively defeat them. First, you will see how obfuscation will affect your analysis and effective strategies for defeating a variety of obfuscation methods. Next, you will explore how to identify and detect obfuscation techniques in interpreted code. This includes software routinely abused by malware authors such as PowerShell and Visual Basic for Applications. You will next be able to expand your skills by learning about code obfuscation in native code. Finally, you will discover how malware authors use cryptography for obfuscation and ways to detect it. Each module of this course will include detailed demonstrations and hands-on labs that will allow you to analyze real-world malware. You will be going deep into malware obfuscation techniques with such tools as IDA Pro and WinDbg. By the end of this course, you will have the knowledge and skills to effectively tackle obfuscation!


    Lessons:
    1. Course Overview
        01. Course Overview
    2. How Obfuscation Affects Your Analysis
        02. Module Introduction
        03. Understanding Code Obfuscation
        04. How Obfuscation Impacts Analysis
        05. What You Should Know
        06. Conclusion
    3. Detecting and Defeating Code Obfuscation in Interpreted Code
        07. Module Introduction
        08. Prevalent Obfuscation Techniques
        09. Obfuscation in Visual Basic for Applications (VBA)
        10. Demo: Defeating VBA Obfuscation
        11. Obfuscation in PowerShell
        12. Demo: Defeating PowerShell Obfuscation
        13. Lab: Performing Comprehensive Analysis
        14. Conclusion
    4. Detecting and Defeating String Obfuscation in Native Code
        15. Module Introduction
        16. Differences from Interpreted Code
        17. String Obfuscation
        18. Demo: Identifying String Obfuscation
        19. Lab: Defeating String Obfuscation
        20. Conclusion
    5. Detecting and Defeating Function Obfuscation in Native Code
        21. Module Introduction
        22. Constructing an Import Table
        23. Walking the PEB, Parsing a PE
        24. Demo: Dynamic API Resolution
        25. Lab: Tracing Import Table Construction
        26. Conclusion
    6. Identifying Malware Use of Cryptography
        27. Module Introduction
        28. Purpose of Cryptography in Malware
        29. Tools to Help Identify Use of Cryptography
        30. Demo: Finding Cryptography
        31. Lab: Analyzing Malware That Uses Cryptography
        32. Conclusion
    7. Leveling up Your Skills
        33. Module Introduction
        34. What You Learned
        35. Leveling up Your Skills
        36. Conclusion


    -------------
     
    Last edited: Jul 15, 2019