Malware Analysis for Incident Response

This is the official website of the workshop “Malware Analysis for Incident Response”, given in person at “Cybersecurity Summer BootCamp 2023”, organized by the Spanish National Cybersecurity Institute (INCIBE).

Material

• Workshop slides

Additional Material (Lab Sessions)

Lab Workbooks

• Lab session 1: Basic Malware Analysis (additional files)
• Lab session 2: Malware Extraction and Analysis (additional files)

Virtual Machines

• Windows 7 Virtual Machine (MD5 hashes)
• Debian 10 Virtual Machine (MD5 hashes)

They are compressed OVA files, you can deploy them with VirtualBox, VMWare, or the hypervisor software of your choice (VirtualBox is recommended). The Windows VM is necessary for the first laboratory, while both VMs (Debian + Windows) are necessary for the second laboratory.

License

All material distributed on this website is licensed under CC BY-NC-SA 4.0.

Author

Ricardo J. Rodríguez

LAST UPDATE

• July 4, 2023: Publication of workshop content
• June 30, 2023: Initial creation of the website