I completed this training earlier this year (2020), and I wanted to post a review so people know what to expect and what it is possible to learn.
First, I want to say I wasn’t really into malware analysis. Yes, I would look into malware traffic and sometimes observe IDS alerts/traffic to see how I could detect malware activity. Back when I took my Security+ from CompTIA, I learned about different kinds of malware and how they “work”, with emphasis on “work”, because the expectation of Security+ is to know what to expect or how it works: for example, worms don’t require user interaction; they just sniff around for vulnerabilities they can abuse and constantly spread around the network. But never are we required to know HOW the worm is created or HOW the worm actually spreads. So I decided I should learn the inner workings of malware, and let me say... it is a lot, but don’t let that intimidate you, because this course is beginner friendly. Do I think a little bit of knowledge in security, programming and IT in general helps? Yes, but overall don’t let those small things affect your learning. One thing I learned in this course is that the DESIRE to learn is what matters the most!

Let’s start: it all kicks off with setting up a VM. How are you supposed to analyze malware when you don’t have an environment to analyze it in? He tells you how to configure it, because the last thing we want is to open up malicious software that spreads across your home network, company network and who knows what else it will infect. Once the VM is installed, he explains the different variants of malware such as droppers, bankers, backdoors, miners, ransomware and others. Once he breaks down each one, then comes the biggest hurdle, and my biggest challenge was knowing x86 assembly, but every major challenge comes with a lot of studying and learning. So as I was going through the course I would spend time understanding CPU architecture, registers, FIFO and so on. This little time you spend understanding will help along the way.

Don’t expect to absorb everything, because for some of this content you will have to reach out to almighty Google to better grasp the information. Once you have some understanding of that knowledge, then comes the real fun: debugging, analyzing and looking at how to break down malware infrastructure, and how to read obfuscated code, seeing the truth in the lines of liar code, as I like to say. He will show you how to use different tools, debuggers and software to help understand what the malware is doing: is it reaching out to a C2 server, what unique processes is it creating, what registry entries are being created, changed and manipulated. This whole course overall is about how to take an individual who is interested in malware but doesn’t know where to start. Overall, it is one of my favorite courses to take, and it is affordable compared to most other training platforms (cough, SANS, cough). I really hope you can appreciate this post and program as much as I have. If you have any thoughts or information, you can contact me via email or my social.