Participants ‘learn by doing’, using the hands-on virtual lab to work on fresh targeted malware samples used in the wild by powerful APT actors.
X
X
X
X
X
X
X
Contact us
If you want to know anything about the course, we’re here to help.
Course overview
Skilled reverse engineers aren’t born - they’re made by experience. If you are a cybersecurity specialist with a good understanding of malware analysis methodologies & tools and are looking for more confidence in applying your skills, you can bridge the gap by working hands-on with real-life cases.
With this challenge in mind, our intermediate-level course is built around analysis of 10 targeted malware cases used in the wild by powerful APT actors recently. Cases including MontysThree, LuckyMouse & Lazarus have been researched personally by our trainers as part of their work in the Kaspersky GReAT team – so you will get first-hand knowledge and best practices from their exclusive research.
By working in the dedicated virtual lab, using an array of tools like IDA Pro, Hex-Rays decompiler, Hiew, 010Editor and many others, you will gain practical experience analyzing real-life targeted malware and will become a more efficient malware analyst and reverse engineer and prove your skills are relevant to today’s threat landscape.
100% practical
Participants ‘learn by doing’, using the hands-on virtual lab to work on fresh targeted malware samples used in the wild by powerful APT actors.
Master IDA Pro and other advanced tools
Get to know the advanced features of tools like IDA Pro and develop up to date knowledge through recent APT cases.
Learn with the best
Kaspersky experts have poured more than 10 years of reverse engineering experience and their exclusive research into the course.
Training objectives
“The online format of Kaspersky's training helps more engineers upgrade their reversing skills and become confident users of our software disassembly product, IDA Pro.”
“The Targeted Malware Reverse Engineering course taught me valuable skills. The tips & tricks drastically improved my reversing capabilities and contributed to a solid malware-analysis base. With the variety of samples and techniques covered, I do feel prepared for future malware.”
“The Kaspersky course on Targeted Malware Reverse Engineering has significantly enhanced the capabilities of cybercrime police investigators. The expertise shared on the course by the company’s leading experts is extremely practical and unique, and has allowed our officers to get a deeper knowledge of malware analysis. We value our partnership with Kaspersky who have once again delivered a curriculum which features an unparalleled hands-on approach to learning.”
“This course is very good! Better than many other I have attended. You are onboarded alongside members of the GReAT to analyze samples in Delphi, PowerShell, Golang, .Net, C++ and shellcodes as well. Lot of useful tips and tricks are shared and the remote analysis VM is an invaluable plus, no more wasted time of configuration, you just need an Internet connection! Great value for money.”
InfoSec professionals
The course is intended for security researchers and incident response personnel or students, malware analysts, security engineers, network security analysts, APT hunters and IT security staff working in SOCs who are seeking to expand their skills in reverse-engineering.
Enterprises
Whether you’re looking to up-skill your current cybersecurity or SOC team or create a new in-house unit, this course will considerably improve your organisation’s defences against targeted malware.
Cybersecurity consultancies
Specialist consultancies who need to train their team on relevant practical skills to be able to offer malware analysis services to their clients will also benefit from this course.
Video lectures featuring Kaspersky researchers
Learn from Ivan Kwiatkowski and Denis Legezo, Senior Security Researchers and members of Kaspersky’s revered Global Research and Analysis Team.
Hands-on virtual lab
Learn how to use tools like IDA Pro through real targeted malware cases like Lazarus, LuckyMouse and MontysThree in our fully configured virtual lab.
Iterative learning
The course is structured around progressive learning with a consistent module framework based on specialist overviews of each task, practical work in the virtual lab and detailed solution walk-throughs.
Meet your trainers and get to know the course in more depth. Then go in to the Chafer APT to learn more about encryption algorithms (Windows CryptoAPI) and how enumerators and debug data help to understand the code.
Combination of static and dynamic analysis: how to use disassembler and debugger in parallel & how to dump decrypted data from memory.
Exploited documents analysis. The tricks in position independent code. Get to know the exploit stages: egg-hunting, decryption, dynamic functions' address resolution.
Meet interpreted code and understand how it differs from compiled code. Static and dynamic script deobfuscation.
Using IDA Pro’s scripting abilities to automate string decryption.
How LNK-based infection chains work and how to deobfuscate PowerShell scripts.
Reversing steganography algorithms, importing the custom structure descriptions, exporting embedded encryption keys and scratching the surface of C++.
Reverse-engineering x64 malware and reconstructing a custom network protocol from a malware sample.
Reverse-engineering Linux programs including backdoors and rootkits.
Reverse-engineering Linux programs including backdoors and rootkits.
Access | 6 months to complete your course from activation of your access code | ![]() |
Language | Courses delivered in English with subtitles | ![]() |
Pace | Self-guided learning that fits around your life | ![]() |
Browser-based access to virtual lab | 100 hours of virtual lab time for hands-on learning | ![]() |
Downloads | PDF downloads of training materials & tips | ![]() |
Learning environment | Browser-based via desktop, mobile & tablet | ![]() |
Course authors | Ivan Kwiatkowski and Denis Legezo, Senior Security Researchers at Kaspersky GReAT | ![]() |
Guided videos | Over 50 videos to guide you through the course | ![]() |
Support & Feedback | Platform support and help from our subject matter experts is available by email 0900 - 1730 UK time on standard business days via help.kasperskyxtraining.com. | ![]() |
Certificate of completion | PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s) | ![]() |
$1,400 inc. tax per learner