CSA training during the Insomni'hack 2015 - 19 March

Understanding malware, reverse engineering 101 applied to malicious code

By Julien Bachmann / @milkmix_

More and more incidents involving malicious software happen every day, and automated solutions that analyse malware in sandboxes are on the market. Still, understanding these reports requires technical skills and an understanding of how malware works. On the other hand, more companies are tasking people with handling incidents internally.

This training has been designed to teach you the basics of malicious code analysis using recent techniques and tools that ease the task. As malware analysis is not a theoretical subject, practical labs will be performed in order to apply the concepts and use the presented tools.

The following topics will be discussed during this fast-paced day:

  1. Malware 101
    • basic file classifications
    • malicious code functionalities
    • when/why to perform an analysis yourself
  2. Static analysis
    • file categorisation
    • Microsoft PE categorisation
    • packer detection and basic unpacking
    • refresher on x86 assembly
    • IDA and plugins related to malicious code analysis like IDAscope
  3. Dynamic analysis
    • sandbox-based analysis
    • semi-manual analysis using SysInternals
    • network flow analysis
    • fully manual analysis using debuggers

At the end of this training, both the slides and the lab manual will be given to students. This course will be given in English or French, depending on the participants.


  • 700.- CHF for enterprises
  • 300.- CHF for students 

Registration here.