From the course: Cisco Certified CyberOps Associate (200-201) Cert Prep: 1 Security Concepts
Dissecting malware using reverse engineering
- [Instructor] Reverse engineering examines malware to assess what activity takes place during an attack. This is done in order to prevent future attacks. Now I'm at this website, Reverse Engineering Malware. And I'll scroll down. And this talks about some of the techniques that we can use while analyzing malware. The first one is static analysis. Now this is a real simple method, but you can pick up some information. This takes a look at the malware or binaries without actually running it. And that could be as simple as looking at the metadata from a file. Here's one that I opened up; it's actually one called crackme.exe. And I opened it up in Notepad. Now you can see some of the information, and I'll scroll down and see if you can pick up any other things. Well, let me do this. Let me go to Edit and Find, and we'll see if we can find anything related to a password. Hmm. There's one. Find usage: crackme-1-2-3-1…
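The static-analysis step shown above, opening a binary in Notepad and using Edit > Find to hunt for words like "password" or "usage", is what the `strings` utility automates: scan the raw bytes for runs of printable characters, then grep the result. The following script is an added example written for this page, not code from the course or its exercise files. It runs over a small constructed byte blob standing in for a PE file (the strings in it are made up for illustration and are not from crackme.exe), and it goes one step beyond Notepad by also recovering UTF-16LE strings, which Windows binaries use heavily and which a plain-text editor shows as letters separated by NUL bytes. The keyword list `INTERESTING` is an assumption, a typical starting triage set.

```python
import re

# Constructed sample "binary": a fake PE-style blob with a few embedded
# strings. Assumed for illustration only; not the file from the video.
SAMPLE_BINARY = (
    b"MZ\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00\xff\xff\x00\x00"
    b"\x00\x00\x01\x02"
    b"This program cannot be run in DOS mode.\r\n$"
    b"\x00\x00\x00\x00"
    b"Enter password:\x00"
    b"\x01\x02\x03"
    b"Usage: sample.exe <key>\x00"
    b"\x7f\x80\x81"
    b"http://example.invalid/beacon\x00"
    b"\x00\x00"
    + "wide_secret".encode("utf-16-le") + b"\x00\x00"
    + b"\x05\x06ab\x00"  # "ab" is too short to count as a string
)

# Keywords worth a second look during triage (assumed list, extend as needed).
INTERESTING = ("password", "usage", "http://", "https://", "cmd.exe", "secret")


def extract_strings(blob, min_len=4):
    """Return (offset, encoding, text) for every printable run of at least
    min_len characters, roughly what `strings -a -t d` prints.

    Two passes: plain ASCII runs, and UTF-16LE runs (each printable ASCII
    byte followed by a NUL byte), which Notepad would show with gaps.
    """
    ascii_re = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    wide_re = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)

    found = []
    for m in ascii_re.finditer(blob):
        found.append((m.start(), "ascii", m.group().decode("ascii")))
    for m in wide_re.finditer(blob):
        found.append((m.start(), "utf-16le", m.group().decode("utf-16-le")))
    found.sort()  # by file offset, so output follows the file layout
    return found


def flag_interesting(strings, keywords=INTERESTING):
    """Case-insensitive keyword match over extracted strings: the same
    idea as Edit > Find in Notepad, but over every keyword at once.

    Returns (offset, encoding, text, matched_keywords) for each hit.
    """
    hits = []
    for offset, encoding, text in strings:
        lowered = text.lower()
        matched = [k for k in keywords if k in lowered]
        if matched:
            hits.append((offset, encoding, text, matched))
    return hits


if __name__ == "__main__":
    # Typical use on a real file: open(path, "rb").read() instead of SAMPLE_BINARY.
    all_strings = extract_strings(SAMPLE_BINARY)
    print("All strings:")
    for offset, encoding, text in all_strings:
        print(f"  {offset:6d} {encoding:8s} {text!r}")
    print("Interesting:")
    for offset, encoding, text, matched in flag_interesting(all_strings):
        print(f"  {offset:6d} {encoding:8s} {text!r}  <- {', '.join(matched)}")
```

Two caveats a practitioner should keep in mind. First, a hit like "Enter password:" only tells you the binary contains that text; the logic that checks the password may be elsewhere and may compare against a hash or a value built at runtime, so the string is a lead to follow in a disassembler, not an answer. Second, packed or obfuscated samples deliberately defeat this pass: a packed binary shows almost no meaningful strings until it is unpacked, which is exactly why static analysis is paired with dynamic analysis later in the course.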
Contents

- Recognizing the complexity of today's environment (3m 46s)
- Leveraging threat intelligence (5m 13s)
- Hunting threats (4m 23s)
- Analyzing malware (2m 35s)
- Dissecting malware using reverse engineering (6m 40s)
- Detecting anomalies using the sliding window (4m 50s)
- Comparing detection methods (4m 10s)
- Using five-tuple log analysis (4m 48s)
- Monitoring data loss using traffic profiles (4m 24s)