III - B. Tech., II-Semester
MALWARE ANALYSIS
AR20 - B. Tech. (CSE - Cyber Security)

UNIT-I: Introduction to Malware Analysis:
Analysis Techniques, Types of Malware, and General Rules for Malware Analysis
Basic Analysis: Basic Static Techniques, Packed and Obfuscated Malware, Portable Executable File Format, Linked Libraries and Functions, Static Analysis in Practice, The PE File Headers and Sections.

UNIT I: Introduction:
The cyber kill chain, Definition of malware and its role in the kill chain, Different types of malware, The goal of malware analysis, Types of malware analysis, Setting up a safe environment for malware analysis

UNIT-II
Malware Analysis in Virtual Machines: The Structure of a Virtual Machine, creating your Malware Analysis Machine, Using Your Malware Analysis Machine, The Risks of VMware for Malware Analysis, Record/Replay: Running Your Computer in Reverse
Basic Dynamic Analysis: Sandboxes: The Quick and Dirty Approach, Running Malware, Monitoring with Process Monitor, Viewing Processes with Process Explorer, Comparing Registry Snapshots with Regshot, INetSim, Basic Dynamic Tools in Practice

UNIT II: Analyzing malicious Windows programs:
The Portable Executable file format, PE header and sections, The Windows loader, Windows API, Import Address Table, Import functions, Export functions. System architecture, processes, threads, memory management, registry. PE files on disk and in memory
UNIT-III
Introduction to Interactive Disassembler (IDA): Introduction to Disassembly: Disassembly Theory, The Why and How of Disassembly, Reversing and Disassembly Tools, Getting Started with IDA, IDA Data Displays, Disassembly Navigation, Disassembly Manipulation, Data Types and Data Structures.
UNIT III: Basic Analysis:
Basic static analysis: introducing concepts and tools for basic static analysis: hash functions, Virus Total, strings, PEiD, PE Explorer, CFF Explorer, and Resource Hacker. Identifying file obfuscation techniques: packers and cryptors. Introduction to Yara.
Basic dynamic analysis: Introducing concepts and tools for basic dynamic analysis: Sysinternals tools, sandboxes. Persistence techniques.
Network analysis: Faking a network for safe malware analysis. Introduction to Wireshark. Command and control communication of malware.
UNIT-IV
Advanced IDA Usage: Cross-References and Graphing: Cross-References, IDA Graphing, The Many Faces of IDA, Customizing IDA, Library Recognition Using FLIRT Signatures, Extending IDA's Knowledge, IDA Scripting, IDA Software Development Kit, Real-World Applications: Vulnerability Analysis
UNIT IV
Analysis of malicious documents: File formats: OLE2, OOXML, RTF and PDF. Malicious macros. Document exploits, e.g. an exploit example for the Equation Editor vulnerability (CVE-2017-11882). Introduction to oletools.
UNIT-V
Android Malware and Analysis: Introduction to the Android Operating System and Threats, Malware Threats, Hoaxes, and Taxonomy, Open-Source Tools, Android Malware Evolution, Android Malware Trends and Reversing Tactics, Case Study Examples
UNIT V
Defeat malware: Examples of how to use the information gathered during malware analysis to defend against malware attacks.
Threat Intelligence, IOCs. Security solutions. Open-source tools: Yara, Snort/Suricata.