Recon 2012

Malware Analysis Training

Instructors: Nicolas Brulez
Dates: 11-13 June 2012
Availability: 20 Seats

Day 1: Manually unpacking Malwares
Nowadays, malwares use custom polymorphic packers to slow down analysis and thwart detection. The first day, students will learn how to analyze and unpack samples of famous malware families. Tricks to "turbo unpack" such samples will be presented to the students.

Day 2: Complex Malware Analysis
On the second day, students will work on an obfuscated sample and learn how to analyse it. The obfuscation is based on Vectored Exception Handling as well as instruction emulation via context modification.

Day 3: Android Malware Reverse Engineering.
The last day will introduce students to Android Malware analysis. Tools and techniques will be presented on real life samples.

This class is intended for students who have been working with malwares and doing reverse engineering in the past. The basics of Reverse Engineering won't be covered.

Students attending this course should be familiar with Assembly, Debugging and IDA, without neccessarly being advanced reverse engineers.

Notes: This 3 days course will cover theory and will focus mainly on hands-on exercices. Learning by doing is the main aspect of the class.


Nicolas joined Kaspersky Lab as a senior malware researcher in 2010. His responsibilities include analyzing malware and carrying out security research.

Prior to joining Kaspersky Lab, Nicolas worked as a senior virus researcher for Websense Security Labs and Digital River/Silicon Realms. He is also known for his work on the Software Passport/Armadillo protection system. Here, he served as head of software security and was in charge of the anti-reverse engineering techniques used in the system.

Over the last 12 years, Nicolas has authored numerous articles and papers on reverse engineering. He is a regular speaker at computer engineering schools and international security conferences.

To Register

Click here to register.