FOR202 - Malware Internals

How does malware work? How do you trace where malware came from? In order to defeat your enemy, you must understand your enemy. This course covers the various types of malware and how it typically operates in a Windows system. 

Level: Intermediate
Audience: Cyber forensics investigators
Topics: This seminar presents a detailed description of each of the major types of malware. For each type, we will give a general description, show how it infects a system, describe how it works internally, how to detect it, how to remove it, and the available prevention mechanisms.
  • Overview
  • Virus
  • Trojan horse
  • Worm
  • Bots and bot-nets
  • Spyware
  • Adware
  • Ransomware
  • Pornware
  • Rogue security software
  • Pass the hash
  • Malformed files
  • Time bombs
  • Browser hijacking
  • DNS spoofing
Prerequisites: FOR205, Windows Internals for Forensics Investigators, or equivalent experience
Operating systems supported: All versions of Windows
Durations and formats: 2 days with labs