Forensic Investigator, Part 06 of 10: Malware Forensics

Course description

When was the last time you scanned your system for problems? Did you find anything during a scan? Malware is a serious problem for end systems and networks in general. We are going to look at malware types like rootkits, viruses and Trojans and how we might become compromised. Once we find the malicious software, we as investigators need to know how to analyze the data. We have to ask ourselves are we doing a static or dynamic analysis on the malware. Static versus dynamic, or maybe both, will be a necessary part of our investigation. This course is part of a series covering the EC-Council Computer Hacking Forensic Investigator (CHFI).

Each LearnNowOnline training course is made up of Modules (typically an hour in length). Within each module there are Topics (typically 15-30 minutes each) and Subtopics (typically 2-5 minutes each). There is a Post Exam for each Module that must be passed with a score of 70% or higher to successfully and fully complete the course.

Prerequisites

Recommended: Understanding of networking; How data flows from source and destination Computer security basics such as passwords, encryption and physical security Basic understanding of computing and computer systems Experience with various operating systems

Meet the expert

David Bigger

David Bigger is the lead trainer at Bigger IT Solutions. He has been information technology for a little over 20 years and has been training all over the US. He has worked with companies like US Military, Lockheed Martin, General Dynamics, Dominos Pizza, University of Utah and Expedia

Video Runtime

57 Minutes

Time to complete

77 Minutes

Course Outline

Malware and Analysis

Malware (21:54)

• Introduction (00:26)
• Malware Forensics (06:38)
• Malware Parts (02:38)
• Malware, Virus (01:54)
• Malware, Trojan (02:20)
• Malware, Worm (02:26)
• Malware, Rootkit (02:00)
• Malware, Ransomware (03:11)
• Summary (00:17)

Static Analysis (20:00)

• Introduction (00:21)
• Malware Analysis (06:03)
• Other Malware Analysis Tools (02:41)
• Static Anlysis (01:12)
• Static Analysis Techniques (05:17)
• Statistical Analysis Techniques, Continued (04:03)
• Summary (00:20)

Dynamic Analysis (15:44)

• Introduction (00:22)
• Dynamic Analysis (00:56)
• Dynamic Analysis Techniques, Registry Monitors (02:04)
• Registry Monitoring (00:50)
• Dynamic Analysis Techiques, Process Monitors (01:51)
• Dynamic Analysis Techniques, Port Monitors (01:49)
• Dyamic Analysis Techniques, Network Sniffers (00:47)
• Wireshark (02:09)
• Dynamic Analysis Techniques, Mo (01:26)
• Network or Internet Simulators (03:03)
• Summary (00:21)