17 OCT 2024 - Welcome Back to TorrentFunk! Get your pirate hat back out. Streaming is dying and torrents are the new trend. Account Registration works again and so do Torrent Uploads. We invite you all to start uploading torrents again!
TORRENT DETAILS
Windows Malware Analysis For Hedgehogs - Beginner Training
TORRENT SUMMARY
Status:
All the torrents in this section have been verified by our verification system
This course teaches more than just reverse engineering because as a malware analyst you need a variety of other skills. You will learn how to classify samples into malware types, how to identify malware families and how to determine file verdicts like clean, malicious, potentially unwanted programs, junk, grayware, or corrupt. Additionally, you will learn how malware persists, how to identify malicious autostart entries and clean infected systems.
The course aims to dispel common myths such as “trojan in a detection name means the file is a trojan horse” or “antivirus detection names are a malware classification”.
As a malware analyst with experience working at an antivirus company since 2015, I have trained many beginners in the field. I understand the usual pitfalls and the concepts that you need to grasp to become proficient. I focus on building strong foundations that make you flexible in the face of new malware advancements, rather than providing shortcuts with step-by-step recipes.
I will teach you how to differentiate between different types of files, including installers, wrappers, packed files, non-packed files, hybrid, and native compiled files. You will learn which tools to apply in which situations and how to analyse samples efficiently. To do that I give you example approaches that work for most situations.
This course is ideal for you if you already have some IT background, such as hobby or professional programmers, computer enthusiasts, administrators, computer science students, or gamers with an interest in the inner workings of software or IT security.
If you have a strong interest in the topic but lack the necessary IT background, I recommend that you learn programming first. Please refer to the course requirements for more information.
Tools
All the tools and web services that we use during the course are free:
Ghidra
x64dbg
VirtualBox
SysInternals Suite
PortexAnalyzer CLI and GUI
VirusTotal (without account)
Speakeasy by Mandiant
API Monitor
CyberChef
EXIFTool
Meld
VBinDiff
AnalyzePESig
DnSpy
C# Online Compiler programwiz
TriD
Detect-it-Easy
ReNamer
7zip
Notepad++
HxD
Malpedia
lnk_parser
Requirements
You should have a strong understanding of at least one programming language, such as Python, C, C++, Java, or C#. This is a crucial requirement for the course, not only because we create small scripts during the course but because reverse engineering needs an understanding of software as foundation. The specific language does not matter, as you cannot learn every language you may encounter during analysis anyways. The concepts of programming must be clear, though.
If you are not there yet, you should not buy this course and start learning C instead. C is great because it is low-level and will integrate well with x86 assembly language.
Additionally, you must be able to read (not write) x86 assembly to understand everything in the course. Without assembly you will only be able to understand two-thirds of the content. So if you consider starting this course right away and learning assembly alongside it, that should work fine.
During this course we look at samples that use the following execution environments:
x86, x64 assembly
.NET
Batch
PowerShell
Nullsoft scripts
However, you do not need to learn all of these languages. Because an analyst encounters new languages all the time, your skillset is rather in using the available documentation, manuals and help provided for those environments and languages. I also show you during the course how to use the documentation for ,e.g., PowerShell.
Out of scope
Malware analysis is a broad field, so there are inevitably topics that I will not teach during this course because they would rather require their own course. Some of these topics are: assembly language, programming, how computers work, URL and website analysis, networks, analysis of malware for other platforms than Windows, mobile malware, IoT malware.
Who this course is for:
ideal for people with some IT experience or IT enthusiasts who are beginners in malware analysis and reverse engineering
entry-level or aspiring malware analysts
computer science graduates
software developers
SOC analysts
hobby programmers
Requirements
You know how to program in at least one language (e.g. Python, C, C#, Java, …)
You are able to read x86 assembly
Last Updated 10/2023
VISITOR COMMENTS (0 )
FILE LIST
Filename
Size
.pad/0
265.1 KB
.pad/1
664.7 KB
.pad/10
322 KB
.pad/11
866.1 KB
.pad/12
1006.6 KB
.pad/13
1023.3 KB
.pad/14
46.1 KB
.pad/15
584.4 KB
.pad/16
686.7 KB
.pad/17
719.8 KB
.pad/18
839.4 KB
.pad/19
313 KB
.pad/2
683 KB
.pad/20
585.1 KB
.pad/21
388.1 KB
.pad/22
172.6 KB
.pad/23
427.7 KB
.pad/24
907.3 KB
.pad/25
952.8 KB
.pad/26
439.9 KB
.pad/27
58.2 KB
.pad/28
375.6 KB
.pad/29
389.5 KB
.pad/3
271.2 KB
.pad/30
295.4 KB
.pad/31
607.9 KB
.pad/32
674.1 KB
.pad/33
418.5 KB
.pad/34
583.4 KB
.pad/35
620.3 KB
.pad/36
814.9 KB
.pad/37
925 KB
.pad/4
384.9 KB
.pad/5
532.8 KB
.pad/6
858.6 KB
.pad/7
946.1 KB
.pad/8
752.4 KB
.pad/9
516.1 KB
TutsNode.org.txt
63 B
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/10. Debugging basics with x64dbg/10. x64dbg Quiz.html
167 B
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/10. Debugging basics with x64dbg/2. Download links and bookmarks.html
872 B
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/10. Debugging basics with x64dbg/5. Lab x64dbg 3 Software breakpoints.mp4
89.1 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/10. Debugging basics with x64dbg/7. Lab x64dbg 5 Memory breakpoints.mp4
83.7 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/10. Debugging basics with x64dbg/8. Lab ASLR 1 Rebasing and DllCharacteristics in the Optional Header.mp4
94.4 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/10. Debugging basics with x64dbg/9. Lab ASLR 2 Hex to Bin Conversion, Bitmasks and Disabling Exploit Protection.mp4
83.4 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/11. Ransomware analysis with Ghidra and x64dbg/2. Lab Legion ransomware 1 Triage.mp4
83.3 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/11. Ransomware analysis with Ghidra and x64dbg/3. Lab Legion ransomware 2 Finding main.mp4
79.4 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/11. Ransomware analysis with Ghidra and x64dbg/4. Lab Legion ransomware 3 Date check markup.mp4
87.6 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/11. Ransomware analysis with Ghidra and x64dbg/6. Lab Legion ransomware 5 Understanding the encryption.mp4
127.5 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/11. Ransomware analysis with Ghidra and x64dbg/7. Lab Legion ransomware 6 Patching with x32dbg.mp4
105 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/11. Ransomware analysis with Ghidra and x64dbg/8. Lab Legion ransomware 7 Ransomware monitoring and file decryption test.mp4
102.4 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/12. Packers and unpacking methods/10. Lab Poison 1 Speakeasy API logging.mp4
130.3 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/12. Packers and unpacking methods/11. Lab Poison 2 Unpacking via RtlDecompressBuffer.mp4
88.1 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/12. Packers and unpacking methods/12. Lab Injector DLL Unpacking via VirtualAlloc.mp4
127.7 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/12. Packers and unpacking methods/4. Download links and documentation.html
3 KB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/12. Packers and unpacking methods/6. Lab Winupack 1 packing, fix disassembly in x32dbg.mp4
121.3 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/12. Packers and unpacking methods/7. Lab Winupack 2 Find OEP via tracing, dump and fix imports.mp4
100.3 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/2. Malware lab setup/10. Safety rules summary.html
8.1 KB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/2. Malware lab setup/10.1 Safety rules.pdf
70.7 KB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/2. Malware lab setup/11. Safety rules quiz.html
167 B
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/2. Malware lab setup/2. Download links.html
951 B
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/3. Triage and file type basics/10. Lab Exercise solution.mp4
80.6 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/3. Triage and file type basics/11. Triage Quiz.html
167 B
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/3. Triage and file type basics/2. Download links.html
1.6 KB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/3. Triage and file type basics/3. Lab Triage 1 Determine file types of unknown samples.mp4
103 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/3. Triage and file type basics/5. Lab Triage 2 Whole file examination.mp4
142.5 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/4. Wrapped files and installers/11. Lab Installers 3 Extract 7zip SFX configuration.mp4
76.1 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/4. Wrapped files and installers/12. Lab Installers 4 Triage of multiple files.mp4
106.2 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/4. Wrapped files and installers/13. Wrappers and installers quiz.html
167 B
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/4. Wrapped files and installers/3. Tools and links.html
589 B
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/4. Wrapped files and installers/4. Lab Wapped files 1 Triage of a wrapped file.mp4
103 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/4. Wrapped files and installers/5. Lab Wrapped files 2 Obtaining the script with ACLs.mp4
124.1 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/4. Wrapped files and installers/9. Lab Installers 1 Layer 1 Unpacking Nullsoft.mp4
138.4 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/5. Malware Persistence and Disinfection Basics/3. Links.html
501 B
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/5. Malware Persistence and Disinfection Basics/4. Lab Services.mp4
127.6 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/5. Malware Persistence and Disinfection Basics/5. Lab Disinfection 1 Autoruns - Run, IFEO.mp4
126.2 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/5. Malware Persistence and Disinfection Basics/6. Lab Disinfection 2 RunOnce, Active Setup, Scheduled Tasks, LNKs.mp4
113.5 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/5. Malware Persistence and Disinfection Basics/7. Malware Persistence and Disinfection Quiz.html
167 B
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/6. Portable Executable format and .NET/13. Lab .NET 3 Code search in DnSpy.mp4
92.6 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/6. Portable Executable format and .NET/2.1 Portable Executable Format-Basics.pdf
118.2 KB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/6. Portable Executable format and .NET/3. PortexAnalyzer and DnSpy download.html
1 KB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/6. Portable Executable format and .NET/4. Lab PE 1 MS DOS stub, COFF file header, timestamps and REPRO builds.mp4
102.3 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/6. Portable Executable format and .NET/5. Lab PE 2 Optional header and section table.mp4
94.7 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/6. Portable Executable format and .NET/6. Lab PE 3 Resources, icons, debug path, imports.mp4
78.4 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/6. Portable Executable format and .NET/8. Portable Executable metadata exercise.html
171 B
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/6. Portable Executable format and .NET/9. Portable Executable Quiz.html
167 B
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/7. File analysis verdicts/2. File analysis verdicts.mp4
85.6 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/7. File analysis verdicts/5. Installing the bindiff and certificate tools.html
944 B
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/7. File analysis verdicts/6. Lab diffing 1 Binary diffing with vbindiff and meld.mp4
85.6 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/7. File analysis verdicts/9. Lab diffing3 Force strict signature verification.mp4
98.2 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/8. Malware classification and analysis reports/10. SteamHide FinalMalware.exe analysis.html
171 B
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/8. Malware classification and analysis reports/6. Tools and links.html
515 B
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/8. Malware classification and analysis reports/8. Lab report writing 2 ICC profile extraction with exiftool.mp4
77.2 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/8. Malware classification and analysis reports/9. Lab report writing 3 Malware decryption with CyberChef.mp4
108.7 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/9. Ghidra basics/2. Download link for Ghidra.html
315 B
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/9. Ghidra basics/5. Lab Ghidra 2 Windows in the codebrowser part 1.mp4
93.6 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/9. Ghidra basics/7. Lab finding main 1 MinGW and VisualStudio C++ applications.mp4
92.8 MB
[TutsNode.org] - Windows Malware Analysis for Hedgehogs - Beginner Training/9. Ghidra basics/8. Lab finding main 2 A more difficult application.mp4
