At Black Hat, the course began with basic techniques for static and dynamic malware analysis, including the extensive range of tools available for these two methods and how they are used.
Afterwards, we put our first round of skills to the test in hands-on exercises.
We also learned about packers and how the Windows loader operates, a crash course in X86 architecture, a walk-through of IDA Pro and examples of what uncompiled code looks like in assembly, followed by more exercises.
Day one of malware analysis was no joke! I look forward to rounding out the rest of the course. Great job Mandiant!