Reverse Engineering Ransomware

Reverse Engineering Ransomware

Static and dynamic analysis. Reverse engineering. Writing Decryptors

What you’ll learn

  • The lectures, videos and other resources will provide relevant information about current malware analysis tricks
  • How to use disassemblers and other security tools
  • How to identify flaws in ransomware code or encryption logic
  • Practice on progressively difficult samples which illustrate different concepts each
  • Practice acquired knowledge via quizzes for each section
  • How to write simple decrpytors in a high-level language (source code provided)

Requirements

  • Basic programming knowledge
  • A computer that can run a Windows virtual machine.
  • An interest in disassembling things and understanding how they work!
  • Patience and perseverance to “try harder”.

Description

The aim of this course is to provide a practical approach to analysing ransomware. Working with real world samples of increasing difficulty, we will:

Deep dive into identifying the encryption techniques,

Navigate through various evasion tricks used by malware writers,

Have fun discovering flaws in their logic or the implementation and finally

Working out automated ways to recover the affected files.

Who this course is for:

  • Security testers
  • Malware analysts
  • Forensics investigators
  • System administrators
  • Information security students
  • Anyone interested in ransomware and malware analysis