At Black Hat, the course began with basic techniques for static and dynamic malware analysis, including the extensive range of tools available for these two methods and how they are used.
Afterwards, we put our first round of skills to the test in hands-on exercises.
We also learned about packers and how the Windows loader operates, a crash course in x86 architecture, a walk-through of IDA Pro and examples of what uncompiled code looks like in assembly, followed by more exercises.
Day one of malware analysis was no joke! I look forward to rounding out the rest of the course. Great job Mandiant!
Author: zvelo
Making the Internet Safer and More Secure. zvelo provides industry-leading cyber threat intelligence and URL classification data services. zvelo's proprietary AI-based threat detection and categorization technologies combine curated domains, threat and other data feeds with the clickstream traffic from its global partner network of 600+ million users and endpoints to provide unmatched visibility, coverage, reach and accuracy. zvelo powers applications and solutions for the world's leading providers of web filtering, endpoint detection and response (EDR), extended detection and response (XDR), Secure Access Service Edge (SASE), brand safety and contextual targeting, cyber threat intelligence platforms, threat analysis, and more.