CFI 2202 - Malicious Documents and Memory Forensics

Institution:

Century College - Minnesota

Subject:

Description:

This course explores several techniques malware authors commonly employ to protect malicious Windows executables from being analyzed, often with the help of packers. Course topics address bypassing analysis defenses, including structured error handling for execution flow, PE header corruption, fake memory breakpoints, tool detection, integrity checks, and timing controls. The course touches on Web browser malware and the use of additional tools and approaches for analyzing more complex malicious scripts written in VBScript and JavaScript by exploring common patterns of assembly instructions. Prerequisite(s): CFI 1065 with a grade of C or higher or instructor consent.

Credits:

3.00

Credit Hours:

Prerequisites:

Corequisites:

Exclusions:

Level:

Instructional Type:

Lecture/Lab

Notes:

Additional Information:

Historical Version(s):

Institution Website:

www.century.edu

Phone Number:

(651) 770-3200

Regional Accreditation:

North Central Association of Colleges and Schools

Calendar System:

Semester

The Course Profile information is provided and updated by third parties including the respective institutions. While the institutions are able to update their information at any time, the information is not independently validated, and no party associated with this website can accept responsibility for its accuracy.