Intro to Malware Analysis
This three-hour session teaches how to dissect an unknown piece of malware enough to understand intent, capabilities, and risk.
Malware Analysis: Foundations & First Response
When a strange binary shows up on a system, the first few hours of analysis matter. This class walks through the practical workflow used by analysts to build an initial profile of unknown malware safely, methodically, and without jumping to conclusions.
We’ll start with static analysis (file type, strings, packers, imports), move into behavioral analysis inside a controlled lab, and finish with a structured approach for mapping what the sample is trying to do: persistence, exfiltration, C2 activity, privilege changes, and system modifications. By the end, you’ll know how to form an evidence-based outline of how the malware works and how serious the threat might be.
This session is designed for beginners with curiosity, not prior experience.
What you will learn:
- How to build a safe malware analysis environment (VM isolation, snapshots, tooling).
- How to examine malware using static analysis inside a controlled lab.
- Recognizing indicators of packing, obfuscation, or malicious behavior.
- How to watch what malware actually does during controlled execution.
- How to track filesystem, registry, network, and process behavior.
- Understanding persistence mechanisms.
- How to produce an “Initial Analysis Report” within the first 1–2 hours.
- Ethical, legal, and safety considerations for malware work.
This class has a limit of 10 people.
Good to know
Highlights
- 3 hours
- under 18 with parent or legal guardian
- In person
Location
Hackers Guild PGH
2247 Babcock Boulevard
Pittsburgh, PA 15237
