Malware Analysis Of Malicious Documents

A Beginner's Course on Analyzing Malicious PDF and Microsoft Office Documents Using Remnux and Windows Virtual Machines

Rating: 4.53 (66 reviews)
Platform: Udemy
Language: English
Category: Network & Security
Instructor:
Students: 4,895
Content: 4.5 hours
Last update: Nov 2021
Regular price: $39.99

What you will learn

Analyzing Malicious Documents

Analyzing Malicious PDF documents

Analyzing Malicious Microsoft documents

Install Remnux Virtual Machine

Extracting document Meta-Data

Basic Linux Commands Used in Malware Analysis

Extracting Embedded Objects and JavaScript from PDF documents

Extracting VBA Macro Scripts from Office Documents

De-obfuscating JavaScript and VBA scripts

Automating Analysis of Documents

Viewing and Debugging Malicious Office Macros

Identifying Maker and Origin of Malicious Documents

Using Yara to Identify Malicious Patterns and Signatures

Analyzing Open Office XML Format Documents

Analyzing Structured Storage Format Documents

Estimating age and date of document creation

Analyzing PowerShell scripts

Detecting Malware Artifacts and Indicators of Compromise

and more...

Description

Did you know that you could infect your computer just by opening a PDF or Microsoft Office document? If that came as a shocker for you, then you need to take this course. Documents are one of the main attack vectors for malware authors because of their widespread use. Everyone uses documents to create reports, memos and articles. In fact, everything we do for communication involves the use of documents. That is why this is a very popular way to infect computers. Documents are used as the first stage of a malware attack. Embedded in documents are scripts that will download a second-stage payload consisting of additional malware, e.g. ransomware, remote access tools and more.

In this course, you will learn how to check and analyze malicious PDF and Office documents for signs of malicious artifacts and indicators of compromise. This is a beginner's course, targeted at those who are absolutely new to this field. I will take you from zero to a proficient level in analyzing malicious documents. You will learn using plenty of practical walk-throughs. We will learn the basic knowledge and skills in analyzing documents. All the needed tools and where to download them will be provided. By the end of this course, you will have the fundamentals of malware analysis of documents under your belt to further your studies in this field. Even if you do not intend to take up malware analysis as a career, the knowledge and skills gained will still enable you to check documents for dangers and protect yourself from these attacks.

We will use REMnux and a Windows virtual machine. REMnux is a Debian-based Linux distribution that contains all the necessary tools for malware analysis. Some background in Linux would be helpful but is not strictly necessary. We will also install document debuggers in a Windows virtual machine. Then, I will show you how to get started with the very basic tools in REMnux and Windows. All the essential theory will be covered but kept to a minimum. The emphasis is on practicals and lab exercises.

Go ahead and enroll now and I will see you inside.


Content

Introduction

Intro to the course
Learning Objectives

Installing the Tools

Installing a Windows VM
Configuring Windows VM
Installing Adobe Acrobat Reader and Microsoft Office 2013
Installing RemNux
Post-Install Configurations
Summary of Virtual Machines

Malware Analysis Process

Malware Analysis Process

Intro to Static Analysis

Intro to Static Analysis and Lab on Analyzing a PDF document
Lab - Static Analysis of a Microsoft Document

Analyzing PDF Documents

Introduction to Analysis of PDF Documents
PDF Objects
PDF Keywords
String and Data Encoding
PDF Analysis Tools
Lab: Using pdfid and pdf-parser
How to fix Yara Include File Error
Lab: Using peepdf

Performing Javascript Analysis

Principles of Performing Javascript Analysis
De-obfuscating Javascript

Lab: Pdf Analysis

Introduction to Lab Exercise
Lab Exercise Walkthrough

Analyzing Office Documents

Principles of Analyzing Office Documents
Lab - Analyzing Office Documents and Extracting VBA Macro Scripts

Performing VBA Script Analysis

Principles of VBA Script Analysis
VBA Script Analysis Walkthrough

Using Debuggers in Document Analysis

Principles of Using Debuggers in Document Analysis
Installing Lazy Office Analyzer
Lab: A walkthrough on debugging a malicious office document

Lab: Analyzing An Office Document

Introduction Lab Exercise: Analyzing An Office Document
Lab Walkthrough: Document Analysis
Lab Walkthrough: Debugging A Malicious Office Document

Resources For Further Study

Recap and Where to Get Malware Samples
Bonus Lecture

Reviews

Jason98
May 10, 2022
It is a great course especially for beginners, well explained and instructor was responsive. Might purchase other courses from similar instructor in near future. This is my first course on Udemy that I completed. Perhaps, could add more complex lab lessons like another 2 or 3 more exercises with walkthrough. But other than that, really amazing things learned. Thanks, Paul
Zaid
February 13, 2022
This is the best teacher out there and I hope he makes a part 2 for this course because I will definitely buy it!
Christoph
November 23, 2021
I wished all my teachers would have been as committed as Paul Chin. Professor Paul Chin answered all my questions in detail within very short time. Therefore I give the best possible rating.
Ahmed
October 6, 2021
This course offers a lot of great value because it is more hands-on, instead of just explaining security concepts
Carlos
June 4, 2021
Instructor's voice is quite monotone, but information is useful and straight to the point. Could be more dynamic.


Coupons

Date        Discount    Status
5/23/2021   75% OFF     expired
6/4/2021    100% OFF    expired
6/7/2021    75% OFF     expired
7/20/2021   75% OFF     expired
11/4/2021   75% OFF     expired
12/4/2021   75% OFF     expired
1/6/2022    75% OFF     expired
4/18/2022   75% OFF     expired

Udemy ID: 4021352
Course created date: 5/2/2021
Course indexed date: 5/23/2021
Course submitted by: Bot