ADVANCED CRIMEWARE REVERSE ENGINEERING

Price:

From €990

Duration:

4 days

April 12-15, 2021

Level:

Medium

Trainer

Sergey Lozhkin

Sergey Lozhkin is a malware reverse engineer focusing on APTs. He researches various topics in cybersecurity, mostly related to investigating and reverse engineering advanced persistent threats and financial threats. For 7 years, Sergey was a senior security researcher in the Kaspersky Global Research and Analysis Team, where he researched and published on financial threats such as Carbanak, Silence, and Digital Doppelgangers and analyzed many nation-state APT samples. Based on this experience, Sergey created malware reverse engineering courses that show the most effective methods for analyzing top malware threats. He has trained both beginner and experienced malware analysts and SOC analysts in private and government organizations all over the world, as well as law enforcement officers.

About the training

This training provides all you need to know for analyzing sophisticated malware used in modern real-world attacks against financial organizations. We will learn how to reverse malicious code used by Lazarus, Carbanak and Silence, among others. We will analyze the methods, malware, payload delivery vectors, shellcodes, and anti-analysis and anti-detection capabilities used in modern financial attacks. The training is 99% hands-on and provides students with the core knowledge to reverse engineer financial malware, regardless of their tool of choice. This training is designed for Reverse Engineers, Security Analysts and Operators, as well as Threat Intelligence analysts who want a better understanding of what modern attacks against financial organizations look like. Prior reverse engineering knowledge is required - this training is not aimed at beginners.

Key Takeaways

• Reversing approach and first steps to analyzing modern financial attacks.
• Static and dynamic analysis of financial APT samples and artefacts.
• Creating automatic deobfuscation tools.
• Analysis of malicious documents: shellcode and payload extraction.

Duration
4 days

Level: Advanced

Requisites

• Core programming concepts.
• Knowledge of Windows OS architecture and APIs.
• Basic knowledge of assembly language is a must.