Essentials of Malware Analysis

This course provides a beginner-level introduction to the tools and methodologies used to perform malware analysis on executables found in Windows systems using a practical, hands-on approach. The course introduces learners to disassembly, preparing them for topics covered in more advanced courses. This content is taught by FLARE malware analysts who are experienced in analyzing a diverse set of malware.

Learning Objectives

After completing this course, learners should be able to:

  • Quickly perform a malware autopsy using a variety of techniques and tools without running the malware
  • Analyze running malware by observing file system changes, function calls, network communications and other indicators
  • Review the basics and build a foundation of the x86 assembly language
  • Recognize code constructs in the disassembly
  • Use IDA Pro, the main tool for disassembly analysis

Who Should Attend

Information technology staff, information security staff, corporate investigators and others who need to understand how malware functions operate and the processes involved in malware analysis.


General knowledge of computer and operating system fundamentals. Exposure to computer programming fundamentals and Windows Internals experience (recommended).

What to Bring

Laptop computer with VMware Workstation 10+ or VMware Fusion 7+, and at least 30 GB of free HDD space.


2 days

Instructor-Led Training Instructor-Led Training

Courses cannot be purchased or accessed from this site.

If you would like to register for this course, please contact your FireEye account manager.

Thank you.