All services Service 04

Training.

Five days that turn engineers into malware analysts. A hands-on, practical deep dive into malware analysis and reverse engineering, built and taught by a researcher who does this work in the field. You get a ready-to-go analysis lab on a VM we provide, so all you bring is a laptop. On-site or remote.

Course

Malware Analysis.

From an empty lab to breaking real ransomware. Five days of doing, not watching.

5 days Duration
On-site or remote Format
VM & lab provided Environment
€3,000 / person Price
Agenda

Five days, hour by hour.

From an empty lab to breaking real ransomware. Every block is doing, not watching.

Day 1 Foundations
09:00

0.0 / 1.1 Introduction & lab setup

Hands-on
11:00

0.1 Threat landscape & malware economy

14:00

1.0 / 1.1 Windows artefacts & persistence

Hands-on
16:00

1.2–1.4 PE format, compilation & linking, Windows internals

Hands-on
Day 2 Analysis & assembly
09:00

2.0 Static analysis basics

Hands-on
11:00

2.1 Dynamic analysis basics

Hands-on
14:00

3.0 Assembly language introduction

Hands-on
16:00

3.1 / 3.2 Process memory management & calling conventions

Hands-on
Day 3 Reverse engineering & crypto
09:00

3.3 Reverse engineering

Hands-on
11:00

3.4 Debugging

Hands-on
14:00

4.0 Advanced injection techniques

16:00

4.1 / 4.2 Cryptography: theory & applied

Day 4 Evasion & families
09:00

4.3 / 4.4 Anti-RE, anti-debugging & anti-sandbox

Hands-on
11:00

4.5 Packing

Hands-on
14:00

5.0 Script-based malware

16:00

5.1 / 6.0 Attack process & network, stealers

Day 5 Ransomware & wrap-up
09:00

6.1 Ransomware practical activity

Hands-on
11:00

7.0 Threat & IOCs, wrap-up & Q&A

14:00

Departures

The lab

Everything runs on a VM we hand you.

No setup tax. We provide a complete, pre-built virtual machine with every exercise, sample, and tool already in place. You spend the week analysing malware, not installing it. All you need is a laptop that can run a Windows VM in VirtualBox.

  • Full analysis toolchain: IDA Pro, Ghidra, debuggers, sandboxes
  • Every hands-on exercise and sample, ready to detonate safely
  • An isolated, instrumented environment built for the course
  • Yours for the week. Just bring a PC that runs VirtualBox
Outcomes

What you will leave able to do.

By the end of the week, the work is in your hands, not just in your notes.

  • Set up and run a safe malware-analysis lab
  • Triage and analyze samples, statically and dynamically
  • Reverse unknown binaries in IDA Pro and Ghidra
  • Defeat common packing, obfuscation, and anti-analysis
  • Recognize and reason about cryptography in malware
  • Extract IOCs and configuration for detection
  • Take on real ransomware with confidence
Pricing

€3,000

per person, per 5-day session

  • Complete VM & analysis lab
  • All course materials
  • Taught by a practitioner
  • On-site or fully remote
Logistics

Delivered on-site at your offices or fully remote, for an individual or a whole team. A working knowledge of C and a scripting language helps, and some basic digital-forensics experience is welcome, but no prior reverse-engineering experience is required. We provide the full lab VM; you bring a laptop that can run it. Get in touch for available dates, group size, and a tailored agenda.

Contact

Book the course.

Tell us your team and your timeline, and we will set up the dates and tailor the agenda.

contact@sigreturn.com