This workshop is intended to show how exploring the world of Windows malware through the "eyes" of static analysis can actually be a really fun thing!
The participants will go over the life cycle of malware by statically analyzing some real malware and learning how to read and understand the intention behind a piece of code.
This training is free and for women only as per Blackhoodie standards. It will be held in two 2-hour sessions on consecutive days and has a cap of 10 participants. Registration: Reach out to outreach@nsec.io.
Following Blackhoodie's guidelines regarding COVID, we require attendees to show proof of vaccination and to wear masks during the workshop.
Topics that will be covered:
- Understanding the PE file format
- Using disassemblers like Ghidra or IDA
- Recognizing some common malware routines (tricks used to stay persistent, obfuscation, etc.)
If time permits, there will be a chance to learn how to use scripts to augment static analysis and make the experience easier.
Pre-requisites/assumed knowledge:
- Comfortable with x86 assembly language.
- Comfortable with some programming languages.
- Some knowledge of how a CPU works.
- Machine with VMs installed (instructions will be emailed before the workshop).