Introduction to Malware Binary Analysis [WBT]

Version 6

    Courses cannot be purchased or accessed from this site. If you would like to register for this course, please contact your FireEye account manager.

    This self-paced web-based training (WBT) course provides instruction on the methods used for analyzing malicious files.


    Learners will learn how to pre-analyze files, including how antivirus scanning tools are used to identify known samples. Learners will learn about techniques malware analysts use to perform dynamic and static analysis to document all of the malware's capabilities. Finally, you will learn about packing and obfuscation techniques used to make analysis more difficult, and how to handle those cases. Examples discussed include Windows PE files and PDF documents.



    1. Introduction to the Lab Analysis Environment
    2. Pre-analysis
    3. Dynamic Analysis
    4. Static Analysis
    5. Document Analysis



    • Familiarity with x86 assembly language (32-bit) and a higher-level compiled programming language such as C or C++ and its calling conventions
    • Experience of basic use of a debugger on object code, and basic Windows operation and system administration
    • Some experience with a disassembler and writing Windows programs is helpful.



    On average, this course should take about 60 to 90 minutes to complete. The course does not need to be completed in a single sitting.


    Browser requirements

    This course requires Flash Player.



    Please contact your FireEye account manager for details.