INTR TO REVERSE ENGINEERING AND MALWARE ANALYSIS W/ DR. BILL GAUVIN PART 1

“Introduction to Reverse Engineering and Malware Analysis”, is the first in a series on this topic. In this session, viewers are introduced to the Portable Executable (PE) file format as it relates to RE and malware analysis. Tools, such as Strings, PEview, Ghidra and the Windows Visual Studio debugger are introduced to allow the viewer to understand the basic strategies used to perform first static, then dynamic analysis on sample files. Concepts such as identifying packed files, identifying obfuscation techniques, and understanding program content, structure, and flow to allow attendees to perform CTF challenges are discussed. During this session, key resources are identified that allow viewers to obtain the tools demonstrated and perform the operations displayed, allowing them to increase their knowledge and skill, preparing them for the more advanced concepts of malware analysis that will be performed in follow-up sessions on this topic.