
Training.

Hands-on training that turns engineers into malware analysts. We currently run one course, a five-day practical deep dive into malware analysis and reverse engineering, built and taught by a researcher who does this work in the field. On-site or remote.

Course

Malware Analysis.

From an empty lab to breaking real ransomware. Five days of doing, not watching.

Duration: 5 days
Format: On-site or remote
Approach: Hands-on labs
Audience: Individual or team

Curriculum

What we cover.

Twelve modules, building from fundamentals to real-world ransomware.

01

Lab setup

Building a safe, instrumented environment to detonate and study samples.

02

Static & dynamic analysis

The two core approaches, and when to reach for each.

03

Automated analysis

Sandboxes and automated pipelines to triage samples quickly and at scale.

04

Assembly language

Reading x86/x64 well enough to follow any sample.

05

Reverse engineering

Working effectively in IDA Pro and Ghidra.

06

Debugging

Driving execution and inspecting a sample as it runs.

07

Anti-debugging & anti-RE

Spotting and bypassing the tricks samples use to resist debuggers and analysts.

08

Advanced techniques

Unpacking, deobfuscation, and evasion handling.

09

Applied cryptography

Recognizing and reasoning about crypto inside malware.

10

Special cases

Rust, Go, .NET, and script-based threats.

11

IOC extraction

Pulling indicators and configuration for detection.

12

Ransomware labs

Hands-on practical work on real ransomware samples.

Outcomes

What you will leave able to do.

By the end of the week, the work is in your hands, not just in your notes.

  • Set up and run a safe malware-analysis lab
  • Triage and analyze samples, statically and dynamically
  • Reverse unknown binaries in IDA Pro and Ghidra
  • Defeat common packing, obfuscation, and anti-analysis
  • Recognize and reason about cryptography in malware
  • Extract IOCs and configuration for detection
  • Take on real ransomware with confidence

Logistics

Delivered on-site at your offices or fully remote, for an individual or a whole team. A working knowledge of C and a scripting language helps, and some basic digital-forensics experience is desirable. No prior reverse-engineering experience is required. Get in touch for available dates, group size, and a tailored agenda.

Contact

Book the course.

Tell us your team and your timeline, and we will set up the dates and tailor the agenda.

contact@sigreturn.com