Practical: Malware Analysis and Investigations
Put your malware knowledge into practice to improve your digital forensics skills with this practical course from PA Consulting.
Duration
5 weeksWeekly study
3 hours
Practical: Malware Analysis and Investigations
Apply investigative methodology to malware
This five-week course will help you put your knowledge from the Digital Forensics and Incident Response (DFIR) Expert Track into practice.
You’ll learn to use investigation methodology in the context of malware to understand the practical steps to take to prevent a malware attack.
By exploring different analysis environments, you’ll learn how to set up the right kind of environment in order to extract the most information about the malicious software.
Learn how to detect network connections and collect network traffic
Malware is typically delivered over a network, so an understanding of network connections is vital in helping you prevent an attack.
You’ll explore practical methods to find malware connectivity, as well as the importance of collecting network traffic – the amount of data moving across a computer network.
Explore volatile vs static analysis
You’ll identify different types of malware analysis, such as volatile and static, to further your understanding of malware and the impact it can have on a system.
You’ll learn how to find suspect processes and files, and how to discover malware persistence mechanisms to help you remove malware as quickly and effectively as possible, should an attack occur.
By the end of the course, you’ll feel confident in applying your knowledge to practical situations to further your skills as a digital forensic investigator or cyber security incident responder.
Syllabus
Week 1
Practical Malware Investigations
ExpertTrack Courses
Introduction to ExpertTrack Learning
Welcome to the course
Course welcome and instructor biography.
Week one introduction
An introduction to the content of week one by the course author.
Quiz - Let's test your cyber knowledge
Short quiz to understand the background knowledge required to become a competent malware investigator
Malware states
A review of malware states
Analysis environments
A look at analysis environments
Investigation methodology
Malware investigation methodology
End of week test
A short test to confirm week one learning points.
Week 2
How to find malware connectivity
Week two introduction
An introduction to the content of week two by the course author.
Ports (Malware connectivity)
Malware connectivity
End of week two
A short test to confirm week two learning points and a review of the week.
Week 3
How to find suspect processes
Week three introduction
An introduction to the content of week three by the course author.
Malicious processes
Finding malicious processes
End of week three
A short test to confirm week three learning points followed by a review of the week.
Week 4
How to find suspect files
Week four introduction
An introduction to the content of week four by the course author.
Finding suspect files
Methods to find suspect files
End of week
A short test to confirm week four learning points followed by review of the week.
Week 5
How to find malware persistance
Week five introduction
An introduction to the content of week five by the course author
Malware persistance
Malware persistence
End of week five
A short test to confirm week five learning points followed by a review of the week.
Learning on this course
On every step of the course you can meet other learners, share your ideas and join in with active discussions in the comments.
What will you achieve?
By the end of the course, you‘ll be able to...
- Demonstrate an understanding of the different analysis environment types
- Explore network connections and collect network traffic
- Identify malicious processes
- Develop processes and services to prevent malware persistence
Who is the course for?
This course is designed for anyone who has completed the Digital Forensics and Incident Response (DFIR) Expert Track.
It will help you gain an understanding of malware analysis to help protect your organisation from an attack.
Who will you learn with?
Steve is a incident response consultant who specializes in cyber and malware investigations. Steve also authors and delivers cyber technical training courses to both public and private sector clients.
Who developed the course?
PA Consulting
An independent firm of over 2,600 people, we operate globally from offices across the Americas, Europe, the Nordics, the Gulf and Asia Pacific.
Learning on FutureLearn
Your learning, your rules
- Courses are split into weeks, activities, and steps to help you keep track of your learning
- Learn through a mix of bite-sized videos, long- and short-form articles, audio, and practical activities
- Stay motivated by using the Progress page to keep track of your step completion and assessment scores
Join a global classroom
- Experience the power of social learning, and get inspired by an international network of learners
- Share ideas with your peers and course educators on every step of the course
- Join the conversation by reading, @ing, liking, bookmarking, and replying to comments from others
Map your progress
- As you work through the course, use notifications and the Progress page to guide your learning
- Whenever you’re ready, mark each step as complete, you’re in control
- Complete 90% of course steps and all of the assessments to earn your certificate
Want to know more about learning on FutureLearn? Using FutureLearn
