Financial Malware Analysis

This training course provides all you need to know for analyzing sophisticated malware used in modern real-world attacks against financial organizations. You will learn how to reverse malicious code used by Lazarus, Carbanak and Silence, among others. You will analyze methods, malware, payload delivery vectors, shellcodes, anti-analysis and anti-detection capabilities used in modern financial attacks. The training is 99% hands on and provides students with the core knowledge to reverse engineer financial malware, regardless of their tool of choice. 


The training will take place on December 7-10, 2020. Places are limited. 

Why is this training unique?


The course is designed and conducted by Sergey Lozhkin. Sergey has more than 7 years of experience in the Kaspersky Global Research and Analysis Team where he uncovered and analyzed some of the most advanced financial attacks, including Silence, Carbanak and Lazarus. He is also one of the teachers on the Reverse Engineering training course.

Sergey has tailored his reverse engineering training for the financial sector, selecting the most interesting cases to provide a better understanding of how to fight the most dangerous threats facing the financial sector.

Who should attend?


This training is designed for reverse engineers, security analysts and operators, as well as threat intelligence analysts who want to gain a better understanding of modern attacks against financial organizations.

Prior reverse engineering knowledge is required – the training is not suitable for beginners.  

Key takeaways


  • Reversing approach and first steps to analyzing modern financial attacks.

  • Static and dynamic analysis of financial APT samples and artefacts.

  • Creating automatic deobfuscation tools.

  • Analysis of malicious documents: shellcode and payload extraction.

Duration and format


This is a fully online 24-hour course split into 6-hour sessions over 4 days.




  • Core programming concepts.

  • Knowledge of Windows OS architecture and APIs. 

  • Basic knowledge of Assembler language is a must.

Barcelona, Spain

  • Twitter
  • LinkedIn

©2020 by ITrainSec. Proudly created with