Corporate Networks Malware (malicious software) Analysis Training

Malicious Software (Malware) World

• Basic concepts
• Malware, Virus, Worm, Trojan, Spyware, Ransomware
• Crime vs. New Generation Cyber ​​Crime Concept
• Underground Economy and Dynamics
• Purpose Used Malware and Cyber ​​Espionage
• Malicious Software (Malware) Analysis
• Malware news from Turkey and the World
• APT(Advanced Persistent Threat) Kavramı
• Example An APT (Advanced Persistent Threat) Scenario

Malicious Software (Malware) Analysis Methods

• Dynamic Analysis Methods
• Static Analysis Methods
• Advanced Analysis Methods
• Malware type influenced by the System
• Affecting Windows Malicious Software Systems
• Malware Affecting Linux Systems for
• Mobile (Android / iOS) System Affecting Hazardous Software

Malware Analysis Tools and Basic Usage

• Debugger (Extract) and Disassembler Concepts
• Disassembler Debugger and use the Basic Level
• Online Malware Analysis Sites and Basic Working Methods
• Malware Spreading Mechanism
• Malware Keşfinde Microsoft SysInternals Araçları

Topics Introduction to Botnets

• Performed Botnets Using Intrusion Types
• Botnet Detection Monitoring and Traffic Analysis Purposes
• Snort Intrusion Detection System botnet Rules
• C & C Protected Fastflux Use
• Malware and botnets Discovery Using DNS Sinkhole
• Example Botnet Analysis (Zeus)

Malware Lab for analysis. Preparing the environment

• Use Advantages / Disadvantages of Virtual Machines in Malware Analysis
• Malware Analysis for VMware Installation / Configuration
• Preparation Inets'm using a fake Network Services
• Malware Analysis, Business Ready Linux Distribution: Remnux
• Installing the Sandbox
• Cuckoo Sandbox Installation and Usage Example
• Sandboxie Use

Recognized Using Simple Tools Malware Development / Production

• Ready Production Tools Malware and Online Services
• FUD (Fully Undetectable) Malicious Software Development
• Crypt, Packer, Joiner, Wrapper, Binder Concepts and Purpose of Use
• Study Purpose Malware Transportation to Example
• Windows / UNIX / Linux system in Malware Analysis
• Linux / UNIX system in Malware Analysis Tools

Static Analysis Method in Malware Detection

• Operation of Basic Antivirus and antimalware software Logic
• Yet Malware Capture packaging for meaningful words
• Packaged and mixed (obfuscate) malware Usage
• Packaging and Solving Tools
• Determining the Packaging Type with Peider
• UPX use for packaging
• Using the Open File packaged OllyDBG
• Packaging Methods of Analysis Tools for Unknown
• Windows PE File Type and Segments

Malware Detection Method for Dynamic Analysis

• Dynamic Analysis of Advantages and Disadvantages
• The concept of the sandbox
• Tools for Dynamic Analysis
• Windows SysInternals Tools
• Started by malware Process (process) Tracking
• Proc bearing, use Process Explorer
• Written by malware Disc / Determination of the Deleted Files
• Use Capturebat
• Firemode Usage
• Registry settings modified by malware
• Use Regshot
• PDFs and Microsoft Office Document Analysis
• Javascript Analizi

Investigation of traffic generated by malware

• Intervention in the SSL Traffic
• Wireshark ngrep, Tshark Using Traffic Analysis
• Using Snort IDS signature writing for Malware
• Network Traffic Analysis of Malware Analysis
• DNS Sinkhole Use Prevention and Detection of Malware

Malware Analysis Purpose Memory Dump (Memory Dump) Review

• Operating System Role and Importance of Working Memory
• Basic Information Required for Memory Analysis
• Memory Dump Removal Methods and Tools
• Casting Virtual Memory Maker in Alma
• Purpose Memory Dump Getting Used Commercial / Free Tools
• Volality Using Memory Analysis Software
• Finding its Own Operation Network File
• Password Finding Memory
• Extracting Executable File Own Malware from memory
• Malware Hunt Memory

Malware Analysis Working with examples

• In simple Stuxnet Analysis Instruments (Basic Level)
• Duqu analysis with simple vehicle (Basic Level)
• Failure of standard complex Malware Analysis Tools
• Required Tools and Techniques for Advanced Malware Analysis

Final Study