Performing Malware Analysis on Malicious Documents

Malicious documents have become a form of malware that all incident responders need to be able to analyze. This course will teach you how to analyze malicious Adobe PDF and Microsoft Office documents, along with any malicious scripts they contain.
Course info
Rating
(20)
Level
Intermediate
Updated
Jan 23, 2018
Duration
2h 60m
Table of contents
Course Overview
Introduction and Setting up Your Lab
Performing Document Analysis
Analyzing PDF Documents
Performing JavaScript Analysis
PDF Lab
Analyzing Office Documents
Performing VBA Script Analysis
Quickly Analyzing Malicious Documents
Office Document Lab
Analyzing Malicious Documents Recap
Description

Hiding malware within documents has become one of the main methods attackers use to compromise systems. In this course, Performing Malware Analysis on Malicious Documents, you will learn how to look at documents to determine if they contain malware, and if so, what that malware does. First, you will explore how to analyze malicious Adobe PDF and Microsoft Office documents. Next, you will discover how attackers obfuscate scripts within malicious documents, and how you can defeat that obfuscation to determine the script’s purpose. Finally, you will dive into the tools required to perform this analysis safely and quickly. When you’re finished with this course, you will have the skills and knowledge needed to perform malware analysis on malicious documents.

About the author

Tyler Hudak has more than 15 years of experience performing malware analysis, computer forensics, and incident response for multiple organizations. He loves sharing the knowledge he has gained on these topics in his presentations and classes!

More from the author
Hunting for Fileless Malware
Intermediate
1h 41m
Dec 18, 2018
Malware Analysis Fundamentals
Beginner
3h 20m
Mar 31, 2017
Section Introduction Transcripts

Course Overview
Hi everyone. My name is Tyler Hudak, and welcome to my course, Performing Malware Analysis on Malicious Documents. I'm an incident responder that has a passion for analyzing malware in all its forms and have taught how to perform malware analysis for a number of years to hundreds of people. The number one topic I get requested to teach is analyzing malicious documents and with good reason. Documents are one of the primary ways attackers compromise systems with malware. In this course, we're going to learn how to analyze malicious documents to determine what they are doing to compromise a system. Some of the major topics that we'll cover include how to examine Adobe PDF and Microsoft Office documents, ways to get around malicious script obfuscation techniques, and the tools and techniques you can use to speed up your analysis. By the end of this course, you'll know how to safely determine if a document is malicious and how to figure out what it does to compromise a system. Before beginning the course, you should be familiar with basic malware analysis methodologies as taught in the Malware Analysis Fundamentals Pluralsight course. I hope you'll join me on this journey to learn how to analyze malicious documents with the Performing Malware Analysis on Malicious Documents course, at Pluralsight.