Malware Analysis: Sandboxing

In this lab, you’ll practice running malware in a sandbox and analyzing the results. When you’re finished, you’ll have experience using open-source tooling to analyze malware and learn what information they can reveal. Lastly, we will introduce some sandbox evasion techniques that demonstrate the challenges modern sandboxes face.

* Our Labs are Available for Enterprise and Professional plans only.
Terms and conditions apply.

Contact sales

Lab info

Level

Beginner

Duration

55m

Released

Dec 22, 2023

Lab author

Aaron Diaz

Aaron Diaz has worked primarily as a government contractor working with different branches of the military and government agencies. Aaron has worked as a Threat Hunter, Malware Reverse Engineer, Software Developer, and a Penetration tester. He is passionate about reverse engineering software and all things related to offensive security (malware/exploit development). During his tenure on a Threat Hunting team, he became the lead Malware Reverse Engineer. This sparked a love for understanding how ... more

Challenge

Getting Started in the Lab Environment

Here are the initial instructions and explanation of the lab environment. Read this while your environment is busy creating itself from nothing. Yes, this violates physics; we know. How fun!

Challenge

Malware Triage With a Custom Sandbox

This challenge will discuss what online resources you have available to upload malware samples. We will go over which sandboxes are free and some other tools that can be used to begin triage. We will describe the methodology of building your own Sandbox using open-source tools like Capa, SpeakEasy, and Floss. Finally, we will upload some malware to our custom sandbox and analyze the output.

Challenge

Malware Development and Anti-Analysis Techniques

We will go over some anti-sandbox techniques commonly used today. These are commonly found in highly evasive samples used by APTs, cyber criminals and advanced red teams.

Challenge

The Last Challenge

Welcome to the final challenge! This is your last chance to experiment in the environment. Clicking Finish Lab will end this little world that flittered into existence just for you.

Provided environment for hands-on practice

We will provide the credentials and environment necessary for you to practice right within your browser.

Guided walkthrough

Follow along with the author’s guided walkthrough and build something new in your provided environment!

Did you know?

On average, you retain 75% more of your learning if you get time for practice.

Recommended prerequisites

Fundamental understanding of software/applications and how they are used on Windows.
Familiar with virtualization/containers and their usage for malware analysis .
Familiar with concepts of what is malware and why it is used by malicious actors.

Ready to skill up
your entire team?

Subscriptions

Continue to checkout Continue to checkout

Cancel

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Access thousands of videos to develop critical skills
Give up to 50 users access to thousands of video courses
Practice and apply skills with interactive courses and projects
See skills, usage, and trend data for your teams
Prepare for certifications with industry-leading practice exams
Measure proficiency across skills and roles
Align learning to your goals with paths and channels

Ready to skill up
your entire team?

Subscriptions

Continue to checkout

Cancel

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Access thousands of videos to develop critical skills
Give up to 50 users access to thousands of video courses
Practice and apply skills with interactive courses and projects
See skills, usage, and trend data for your teams
Prepare for certifications with industry-leading practice exams
Measure proficiency across skills and roles
Align learning to your goals with paths and channels

Contact Sales

Malware Analysis: Sandboxing

Lab info