Malicious Code Reverse Engineering by IDA


This is the agenda for a reverse engineering training course. We primarily use IDA to analyze several cases, such as password cracking, malicious code, and DLL injection.

Reverse engineering means recovering a program's logic from its binary. The learning objectives of the course are:

  • Using IDA to trace the program logic and API calls of an EXE/DLL
  • Manipulating program logic and register values at runtime for a simulated password-cracking program
  • Observing DLL injection behavior
  • Network communication: downloader behavior, HTTP C&C, sniffer, packet spoofing

How will the course proceed?

  • Using IDA to inspect typical malicious DLLs/EXEs (DLL injection, CrackMe, HTTP C&C, downloader, ...)
  • Hands-on labs

When registering, please plan your time well to ensure your attendance and participation. A 5-minute presentation sharing your own troubleshooting case will be required at the end of the course.

Prerequisite

  • Basic Windows OS concepts, i.e. processes and threads
  • Experience with IDA or assembly is nice to have

Course Name: Malicious Code Reverse Engineering by IDA
Speaker: Tony Hsu
Duration: 6 hours
Language: Chinese

Agenda

Session 1
  • Basic uses of IDA Pro
  • CrackMe case study
  • DLL injection case study
  • Downloader case study
  • Key logger case study
Session 2
  • HTTP connection C&C case study
  • OS/VM detection case study
  • User-mode rootkit case study
  • Homework

 
