Short Course

Malware Analysis of Malicious Documents

A Beginner's Course on Analyzing Malicious PDF and Microsoft Office Documents Using Remnux and Windows Virtual Machines

11 Hours of video content

Beginner

Certificate of Completion Included

Check out Subscription Plans

Overview What You Will Learn Curriculum Instructor

Course Overview

Documents are one of the main vectors of attacks for malware because of their widespread use. Everyone uses documents to create reports, memos and articles. In fact, everything we do for communication involves the use of documents. That is why this is a very popular way to infect computers. Documents are used as the first stage of a malware attack. Embedded in documents are scripts that will download a second-stage payload consisting of additional malware, ?ransomware,?remote access tools?and more.

In this course, you will learn how to check and analyze malicious pdf and office documents for signs of?malicious artefacts?and?indicators of compromise. This is a?beginners course?and targeted to those who are absolutely new to this field. I?will take you from zero to a proficient level in analyzing malicious documents. You will learn using plenty of?practical walk-throughs. We will learn the basic knowledge and skills in analyzing documents. All the needed tools and where to download them will be provided.

By the end of this course, you will have the fundamentals of malware analysis of documents under your belt to further your studies in this field. Even if you do not intend to take up malware analysis as a career, still the knowledge and skills gained would enable you to check documents for dangers and protect yourself from these attacks.

The necessary resources for this course are in the "Resources" section of Video 1.1. You can also access them through this direct link - https://github.com/ec-council-learning/Malware-Analysis-of-Malicious-Documents

What You Will Learn

Analyze Malicious Documents.
Analyze Malicious PDF documents.
Analyze Malicious Microsoft documents.
Learn to Install Remnux Virtual Machine.
Learn to Extracting document Meta-Data.
Understand Basic Linux Commands Used in Malware Analysis.
Extract Embedded Objects and Javascript from PDF documents.
Extract VBA Macro Scripts from Office Documents.
Learn to De-obfuscate Javascript and VBA scripts.
Learn to Automate Analysis of Documents.
Viewing and Debugging Malicious Office Macros.
Identifying Maker and Origin of Malicious Documents.
Use Yara to Identify Malicious Patterns and Signatures.
Analyze Open Office XML Format Documents.
Analyze Structured Storage Format Documents.
Analyze Powershell scripts.
Learn to Estimate age and date of document creation.
Learn how to Detect Malware Artifacts and Indicators of Compromise.

Program Curriculum

Installing a Windows VM
Configuring Windows VM
Installing Adobe Acrobat Reader and Microsoft Office 2013
Installing RemNux
Post-Install Configurations
Summary of Virtual Machines
$7 Million Cybersecurity Scholarship by EC-Council
Chapter 1 Quiz

Malware Analysis Process
Chapter 2 Quiz

Intro to Static Analysis and Lab on Analysing a PDF Document
Lab - Static Analysis of a Microsoft Document
Chapter 3 Quiz

Introduction to Analysis of PDF Documents
PDF Objects
PDF Keywords
String and Data Encoding
PDF Analysis Tools
Lab: Using pdfid and pdf-parser
How to Fix Yara Include File Error
Lab: Using peepdf
Chapter 4 Quiz

Principles of Performing JavaScript Analysis
De-obfuscating JavaScript
Chapter 5 Quiz

Introduction to Lab Exercise
Lab Exercise Walkthrough
Chapter 6 Quiz

Principles of Analysing Office Documents
Lab - Analysing Office Documents and Extracting VBA Macro Scripts
Chapter 7 Quiz

Principles of VBA Script Analysis
VBA Script Analysis Walkthrough
Chapter 8 Quiz

Principles of Using Debuggers in Document Analysis
Installing Lazy Office Analyzer
Lab: A Walkthrough on Debugging a Malicious Office Document
Chapter 9 Quiz

Introduction Lab Exercise: Analysing an Office Document
Lab Walkthrough: Document Analysis
Lab Walkthrough: Debugging A Malicious Office Document
Chapter 10 Quiz

Recap and Where to Get Malware Samples

Load more modules

Instructor

Paul Chin

Paul Chin is a semi-retired college lecturer with more than 20 years’ experience in teaching computing and information technology. His interests range from reversing, coding to graphics design, apps, games development, music, health, spirituality, and well-being. In his spare time, he also plays the piano and keyboard. He enjoys teaching face-to-face and online and also loves educating and inspiring others to succeed and live the life of their dreams.

Buy this course now

$69.99

Get Immediate access for one year today!

Upgrade to Pro Plans and Get Full Access Today!

Get this course, along with 700+ courses and 50+ learning paths and more in one subscription. Learn more

Unlock All Access

Plans start from $33/mo. Cancel anytime.

Join over 1 Million professionals from the most renowned Companies in the world!

Empower Your Learning with Our Flexible Plans

Invest in your future with our flexible subscription plans. Whether you're just starting out or looking to enhance your expertise, there's a plan tailored to meet your needs. Gain access to in-demand skills and courses for your continuous learning needs.

Monthly Plans

Annual Plans

Save 20% with our annual plans!

Pro

Ideal for continuous learning, offering extensive resources with 600+ courses and diverse Learning Paths to enhance your skills.

^$ 499.00

Billed annually or $59.00 billed monthly

Get Started Now

Start your 7-day trial for $1

What is included

700+ Premium Short Courses
50+ Structured Learning Paths
Validation of Completion with all courses and learning paths
New Courses added every month

Early Access Offer

Pro +

Experience immersive learning with Practice Labs, CTF Challenges, and exclusive EC-Council certifications for comprehensive skill-building.

^$ 599.00

Billed annually or $69.00 billed monthly

Get Started Now

Start your 7-day trial for $1

Everything in Pro and

800+ Practice Lab exercises with guided instructions
150+ CTF Challenges with detailed walkthroughs
New Practice Labs and Challenges added every month
3 Official EC-Council Essentials Certifications¹ (retails at $897!)
Exclusive Bonus with Annual Plans

¹This plan includes Digital Forensics Essentials (DFE), Ethical Hacking Essentials (EHE), and Network Defense Essentials (NDE) certifications. No other EC-Council certifications are included.

Related Courses

15 Must Have Tools for Pentesters

Short Course

15 Must Have Tools for Pentesters

Vulnerability Assessment and Pentesting

Upgrade your penetration testing skillset by adopting the best tools available in the market!

Upgrade your penetration testing skillset by adopting the bes...

$59.99

Intermediate

9 hr 15 m

Hello
Kali for Penetration Testers

Short Course

Kali for Penetration Testers

Vulnerability Assessment and Pentesting

Ethical Hacking with Kali Linux

Ethical Hacking with Kali Linux

$69.99

Beginner

6 hr 49 m

Hello
Hacking WEP/WPA/WPA2 Wi-Fi Networks Using Kali Linux 2

Short Course

Hacking WEP/WPA/WPA2 Wi-Fi Networks Using Kali Linux 2

Vulnerability Assessment and Pentesting

The comprehensive course to secure & crack WEP/WPA/WPA2 key and perform MITM attack from scratch using Kali Linux 2.0.

The comprehensive course to secure & crack WEP/WPA/WPA2 k...

$69.99

Intermediate

5 hr 12 m

Hello
Getting Started with Bug Bounty Hunting

Short Course

Getting Started with Bug Bounty Hunting

Vulnerability Assessment and Pentesting

Perfect Guide for Making You a Noob to Pro Bug Hunter

Perfect Guide for Making You a Noob to Pro Bug Hunter

$79.99

Beginner

2 hr 45 m

Hello
Web Hacker’s Toolbox: Tools Used by Successful Hackers

Short Course

Web Hacker’s Toolbox: Tools Used by Successful Hackers

Vulnerability Assessment and Pentesting

Discover the Tools Used by Successful Hackers and Learn How to Use Them in Your Own Penetration Testing Projects

Discover the Tools Used by Successful Hackers and Learn How t...

$59.99

Intermediate

3 hr 4 m

Hello
Full-Stack Attacks on Modern Web Applications

Short Course

Full-Stack Attacks on Modern Web Applications

Vulnerability Assessment and Pentesting

Learn About HTTP Parameter Pollution, Subdomain Takeover, and Clickjacking

Learn About HTTP Parameter Pollution, Subdomain Takeover, and...

$59.99

Intermediate

0 hr 59 m

Hello
Learn Hacking Using Raspberry Pi from Scratch

Short Course

Learn Hacking Using Raspberry Pi from Scratch

Vulnerability Assessment and Pentesting

Improve your Ethical Hacking Skills by using your portable Raspberry Pi device for Penetration Testing/Security Auditing.

Improve your Ethical Hacking Skills by using your portable Ra...

$69.99

Beginner

8 hr 20 m

Hello
Digital Forensics for Pentesters - Hands-on Learning

Short Course

Digital Forensics for Pentesters - Hands-on Learning

Vulnerability Assessment and Pentesting

Detect and backtrack cyber criminals and hackers with digital forensics.

Detect and backtrack cyber criminals and hackers with digital...

$69.99

Beginner

5 hr 10 m

Hello