wetw0rk/MalwareAnalysisTraining

Work in Progress repo

Python

MalwareAnalysisTraining

Work in progress repo

Part 1: Behavorial analysis using Static and Dynamic analysis.
Part 2: WIP.

Common Issues:

Always set the builds to Release, and set Any CPU to your vm's target architecture.
Always delete the Appdata/Local and Appdata/Roaming data for Visual Studio within the windows 10 vm.

Pre-reqs/Tools:

Windows VM with Visual Studio (Download all tools into this vm)

https://developer.microsoft.com/en-us/windows/downloads/virtual-machines

Visual Studio C++/C# bindings, updated .NET library

Installed from the Visual Studio installer, see requirements pdf within the PDFS folder

Ida Free 7.0

https://out7.hex-rays.com/files/idafree70_windows.exe

Windbg preview

Installed from the VM's microsoft store

Sysinternals Suite

https://docs.microsoft.com/en-us/sysinternals/downloads/sysinternals-suite

Wireshark

https://www.wireshark.org/

dnSpy

https://github.com/0xd4d/dnSpy/releases

General requirements per part:

Part 1, Examples 1 through 7 Requirements:

Requirements.pdf in the PDFS folder will get the Visual Studio setup for compilation

Part 2, Current WIP Requirements:

WIP

Current Testing

Part1:

Example1: Finished, PDF in draft
Example2: Finished, PDF in draft
Example3: Testing, PDF in draft
Example4: Testing
Example5: Testing
Example6: Testing
Example7: Testing