Malware Inside (MWI)


About this Course

Too often, network, systems, and even security professionals are unaware of the workings of some of the most common threats. A deeper understanding of how malware operates, as provided in this course, will help professionals make educated choices about how to confront and defeat the threat of malware.

In recent years, hackers have shifted their activities from servers to workstations. The hunt for confidential information and the theft of digital identities and credit card information have become a multimillion-dollar business. Criminal organizations such as the infamous "Russian Business Network" have the necessary resources for network-based attacks or the distribution of malware via spam. This course covers the common (and some more esoteric) malware that inexperienced, reckless or negligent users and administrators may introduce into the environment. The course includes practical exercises in which participants deliberately infect systems, perform analysis and discovery, and work towards "disinfecting". The exercises deal with the analysis of network traffic and of data structures in memory and on disk.

Malware Schedule High-Level Overview

Day 1: Overview Malware and Trojans on the Network

  • Trojan horses
  • Rootkits
  • Spyware / Adware
  • Viruses
  • Browser Helper Objects
  • Infection vectors
  • Network signatures of an infection
  • Botnets
  • Control channels
  • Obfuscation techniques
  • Firewall and proxy bypassing

Day 2: Trojans in Memory and Trojans on the Hard Disk

  • Strategies for live system examination
  • Common tools
  • Workshop: Finding malware
  • Finding trojan horses in a forensic examination
  • Recognizing infection vectors
  • Network intrusions through poorly configured systems

Who should attend

This course is intended for:

  • Investigators
  • Systems Administrators
  • Security specialists
  • Network administrators
  • Privacy and Security professionals

Class Prerequisites

  • Basic knowledge of operating systems and networks


The instructors for this course all have deep, hands-on experience with intrusion and malware analysis. The course is regularly updated to include the latest tools and tips from the field.

Outline: Malware Inside (MWI)


  • Agenda
  • What you should know
  • Introduction
  • The Works

Recent Security News

  • Weak SSL keys generated by Debian Linux
  • Predictable DNS Transaction IDs
  • LOL Phone
  • IOS Router Forensics

Introducing Malware

  • What is Malware
  • Infection Vectors

Case Study: Cyber Crime

  • Background
  • Internet Service Providers
  • Connection to the Internet
  • Controlling the Botnet
  • The Masterminds

Operating Systems

  • In the beginning there was no “Operating System” at all!
  • Operating System Architecture
  • Process Handling
  • Memory Management
  • Sysinternals

Trojan Hunt in the Kernel

  • Introducing IceSword
  • Malware Analysis
  • Case Studies
  • Storm: Case study on modern malware

Classroom Training

Duration 2 days

  • United States: US$ 1,200
Online Training