
Previously, we learned techniques to analyze malware without executing it in the Basic room. However, as we have learned, malware can use techniques to hide its features from a malware analyst. But no matter how well malware hides its features, its primary purpose is to execute. And when malware executes, it leaves traces that a malware analyst can use to identify whether it is malicious. In this room, we will use basic techniques to analyze the traces malware leaves when running.
Learning Objectives:
In this room, we will learn:
- Sandboxing and using a sandbox for malware analysis.
- The components of a sandbox and how to create one for yourself.
- Using ProcMon to monitor a process' activity.
- Using Logger and Monitor to identify calls made by malware.
- Using ProcExp to identify if a process is modified maliciously.
- Using Regshot to track registry changes made by malware.
Pre-requisites:
Before starting this room, it is recommended that you complete the following rooms for a better understanding of the content in this room.
