Course: Malware and Memory Deep Dive Workshop [EC-MMDD]

OVERVIEW

In this Malware & Memory Forensics workshop, you will learn details of how malware functions, and how it is categorized. Then you will be shown details of the structure of memory, and how memory works. There is plenty of hands-on memory forensics. You will learn how to analyze memory to find evidence of malware.

OBJECTIVES

The purpose of the workshop is to teach students essential memory forensics. It assumes a basic understanding of PCs, networks, and basic forensics.

CONTENT

Types of Analysis

  • Swap space analysis
  • Memory Analysis
  • Data acquisition as per RFC 3227

In-memory data

  • Current processes
  • Memory mapped files
  • Caches
  • Open Ports

Memory Architectural Issues

  • Data structures
  • Windows Objects
  • Processes
  • Handles
  • Pool-tag scanning
  • %SystemDrive%/hiberfil.sys
  • Page/Swap File

Tools used

  • Using Volatility
  • DumpIt.exe
  • hibr2bin
  • Win32dd
  • Win64dd
  • OSForensics

Registry in Memory

Price: €595 excl. VAT
Offered by: Global Knowledge Network Netherlands B.V.
Subject: Malware
Level:
Duration: 365 days
Language: nl
Product type: course
Delivery format: E-Learning

Provider quality marks

  • Cedeo
  • CRKBO and VAT exemption
  • VOI
  • EXIN
  • ISO register
  • Microsoft Learning Partner
  • VMWare Partner
  • Oracle Education Partner
  • AgilePM - Agile Project Management (APMG)
  • ASL