Part 2: A Gentle Introduction into Malware Analysis

Date: Sunday, December 1
Time: 6:00 pm – 9:00 pm
Location: S302

As mentioned in the previous email, we have our 2nd Malware Analysis workshop with Jason and Ken on Sunday! This workshop will offer a quick introduction to assembly and disassembly in the context of malware analysis. After a brief intro on assembly concepts, it will dive straight into hands-on examples. Participants will get to reverse engineer very simple programs (none of them malicious) and then more complicated crackmes. We’ll talk about code constructs, the stack, function calls, etc. Basic knowledge of C will be helpful.

Tools and General Requirements

A Linux machine is necessary. We will also be running exercises on the Windows machine that we provided last time.

Binaries for the exercises will be provided in a .zip, and the associated source code will be uploaded to GitHub. Any other crackmes will be provided as well.

Please set up the virtual machine beforehand, as we will not wait for those who are not prepared. Unlike last time, it is a simpler setup.

VirtualBox VM: https://drive.google.com/open?id=13vLxF8m4fFjgVEOw_u_BGza2AXPySEAc

Take-Home Resources

Reverse Engineering for Beginners (FREE!): https://beginners.re/
Linux Syscalls: https://syscalls.kernelgrok.com/
GEF Cheat Sheet: https://github.com/zxgio/gdb_gef-cheatsheet/blob/master/gdb_gef-cheatsheet.pdf
IDA Basics: https://resources.infosecinstitute.com/basics-of-ida-pro-2/#gref