We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.

Accept and Close

Contact us

Ask a question?

If you want to know anything about the course, we’re here to help.


New Suricata for Incident Response and Threat Hunting training, pre-reg now

Targeted Malware Reverse Engineering

Course overview

Skilled reverse engineers aren’t born - they’re made by experience. If you are a cybersecurity specialist with a good understanding of malware analysis methodologies & tools and are looking for more confidence in applying your skills, you can bridge the gap by working hands-on with real-life cases.

With this challenge in mind, our intermediate-level course is built around analysis of 10 targeted malware cases used in the wild by powerful APT actors recently. Cases including MontysThree, LuckyMouse & Lazarus have been researched personally by our trainers as part of their work in the Kaspersky GReAT team – so you will get first-hand knowledge and best practices from their exclusive research.

By working in the dedicated virtual lab, using an array of tools like IDA Pro, Hex-Rays decompiler, Hiew, 010Editor and many others, you will gain practical experience analyzing real-life targeted malware and will become a more efficient malware analyst and reverse engineer and prove your skills are relevant to today’s threat landscape.

100% practical

Participants ‘learn by doing’, using the hands-on virtual lab to work on fresh targeted malware samples used in the wild by powerful APT actors.

Master IDA Pro and other advanced tools

Get to know the advanced features of tools like IDA Pro and develop up to date knowledge through recent APT cases.

Learn with the best

Kaspersky experts have poured more than 10 years of reverse engineering experience and their exclusive research into the course.

All Levels

Mid-level: some programming skills required


$1,400 inc. tax per learner  

Enroll my team
Request demo access

Training objectives

  • Analyze real-life malware used in the wild by APT groups.
  • Reverse-engineer malicious documents and exploits.
  • Approach reverse engineering programs written in a number of programming or scripting languages (C, .NET, Delphi, Powershell, JavaScript, C++) and compiled for different architectures (x86, x64) with different compilers or operating systems (Windows, Linux).
  • Master advanced features of reverse-engineering tools including IDA Pro’s scripting capabilities.
  • Understand steganography in greater detail.
  • Handle obfuscated or encrypted content in malicious software.
  • Become more familiar with assembly.
  • Understand the roundabout ways attackers launch their programs.
  • Analyze shellcodes.

Your course leaders

Trainer Dennis

Denis Legezo,

Senior Security Researcher

Denis Legezo is a GCFA certified Senior Security Researcher. He specializes in targeted attacks research, static reverse engineering.

Denis regularly provides training on these subjects and has presented his targeted malware research at SAS, RSA Conference, VirusBulletin, HITB.

Trainer Ivan

Ivan Kwiatkowski,

Senior Security Researcher

Ivan Kwiatkowski is an OSCP and OSCE-certified penetration tester and malware analyst who has been working as a Senior Security Researcher in the Global Research & Analysis Team at Kaspersky since 2018.

He maintains an open-source dissection tool for Windows executables and his research has been presented during several cybersecurity conferences. He operates an exit node of the Tor network and also delivers Kaspersky’s reverse-engineering training in Europe.

Who it's for


InfoSec professionals
The course is intended for security researchers and incident response personnel or students, malware analysts, security engineers, network security analysts, APT hunters and IT security staff working in SOCs who are seeking to expand their skills in reverse-engineering.


Whether you’re looking to up-skill your current cybersecurity or SOC team or create a new in-house unit, this course will considerably improve your organisation’s defences against targeted malware.

Cybersecurity Consultancies

Cybersecurity consultancies
Specialist consultancies who need to train their team on relevant practical skills to be able to offer malware analysis services to their clients will also benefit from this course.

How you'll learn


Video lectures featuring Kaspersky researchers
Learn from Ivan Kwiatkowski and Denis Legezo, Senior Security Researchers and members of Kaspersky’s revered Global Research and Analysis Team.

Virtual Lab

Hands-on virtual lab
Learn how to use tools like IDA Pro through real targeted malware cases like Lazarus, LuckyMouse and MontysThree in our fully configured virtual lab.

Active Learning

Iterative learning
The course is structured around progressive learning with a consistent module framework based on specialist overviews of each task, practical work in the virtual lab and detailed solution walk-throughs.


Benefits for you

Access Icon
6 months to complete your course from activation of your access code Bullet Tick
Pace Icon
Courses delivered in English with subtitles Bullet Tick
Course Duration
Self-guided learning that fits around your life Bullet Tick
Browser-based access to virtual lab
100 hours of virtual lab time for hands-on learning Bullet Tick
Downloads Icon
PDF downloads of training materials & tips Bullet Tick
Mobile Access
Learning environment
Browser-based via desktop, mobile & tablet Bullet Tick
Course Author
Course authors
Ivan Kwiatkowski and Denis Legezo, Senior Security Researchers at Kaspersky GReAT Bullet Tick
Guided Videos Icon
Guided videos
Over 50 videos to guide you through the course Bullet Tick
Technical Support Icon
Support & Feedback
Platform support and help from our subject matter experts is available by email 0900 - 1730 UK time on standard business days via help.kasperskyxtraining.com. Bullet Tick
Certification Icon
Certificate of completion
PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s) Bullet Tick

$1,400 inc. tax per learner  

Enroll my team
Request demo access