We demonstrate static and dynamic reversing of infamous malware samples like MagicKarakurt and LightSpy for Android and iOS, and the DuKong framework. You’ll get a detailed view with comments from our expert of the samples you’re unlikely to find in any other course.
Contact us
Ask a question?
If you want to know anything about the course, we’re here to help.
Mobile Malware Reverse Engineering
Course Overview
With almost everyone in the world owning a smartphone that effectively mixes the person’s private area and work lives, keeping systems intact has become a growing challenge for corporate IT security and SOC teams.
Mobile malware is often used in cyberattacks against organizations by both cybercriminals and sophisticated APT actors, so the ability to counter such attacks is crucial for corporate security teams.
The Mobile Malware Reverse Engineering training is based on Kaspersky’s vast experience in this field and authored by one of the leading experts on mobile malware – Victor Chebyshev. The course features static and dynamic analysis of some outstanding and unique malware samples like MagicKarakurt, LightSpy and the DuKong framework.
By taking this online course you will:
- Learn advanced features of static analysis (permissions, strings, signature, resource files, decompilation of Dalvik bytecode)
- Understand how to analyze mobile malware including Android and iOS samples
- Learn how to analyze native libraries for Android and iOS statically, as well as advanced dynamic analysis with Frida framework.
You will immediately put your new knowledge to practice in our restricted virtual lab where you can safely reverse the dangerous malware samples we introduce you to.
Real-life targeted Android and iOS malware samples
Master advanced tools and techniques
Watch as Victor shows you his skills and tricks in dynamic instrumentation, native API hooking, return value dumping, unpacking, function resolving using Ghidra plugins and more!
Lots of safe practice on malware samples
You’ll get 100 hours of access to the restricted virtual environment to securely practice reversing the samples and playing with them for your skill development.
Intermediate
$890 inc. tax per learner
Training objectives
- Understand how to analyze mobile malware including Android/iOS samples
- Learn advanced static analysis or so-called surface analysis: permissions, strings, signature, resource files, decompilation of Dalvik bytecode
- Learn how to analyze native libraries for Android and iOS statically using Ghidra
- Learn advanced dynamic analysis using dynamic instrumentation with Frida
Prerequisites
- Basic knowledge of networking and programming concepts
- Familiarity with x86/64 assembly language
- Prior experience with IDA Pro
- Basic knowledge of Python 3
- Experience with Java programming is particularly helpful
Your course leader
Victor Chebyshev
Security Researcher
Victor Chebyshev is a security researcher specializing in mobile targeted attacks, research and static reverse engineering.
Victor regularly provides customer training on these subjects and has presented his malware research at various cybersecurity conferences, like the SAS, the RSA Conference etc.
Who it's for
Corporate IT security managers
Mobile malware poses a significant threat to enterprise IT networks – in the course we show practical techniques to deal with them. The course is a great tool to upgrade your security team’s ability to counter various cyber threats.
Reverse engineers and SOC professionals
Mobile malware has its own unique features which attackers use in their activities. The knowledge gained on this course will take your professionalism to the next level.
How you'll learn
Guided video lectures
Learn from well-explained videos by a top expert on mobile malware, who shares his practical experience and hacks.
Hands-on virtual lab
Practice in our fully configured virtual lab to tinker with the malware samples and get the best of them.
Structured flow
The course is built around progressive learning with a consistent module framework. Each module is based on a specialist overview of each task, practical work in the virtual lab and detailed solution walk-throughs.
Syllabus
Introduction
- Course Introduction
- Introduction To The Virtual Lab
Mobile Malware Essentials
- Mobile Malware Essentials: Android
- Mobile Malware Essentials: iOS
DuKong: Sophisticated Android Espionage Campaign
- DuKong: The Story
- Introduction To DuKong
- Solution: Introduction To DuKong. Stager Functionality
- DuKong: Payload Decryption
- Solution: Decryption. DuKong Payload Analysis
- DuKong: Wrap-up
LightSpy
- LightSpy: The Story
- Solution: Surface Analysis. LightSpy Unpacking
- LightSpy: Wrap-up
MagicKarakurt
- MagicKarakurt: The Story. Surface Analysis
- Solution: Surface Analysis. Dive Into Native
- Dynamic Config Dumping
- Back To Java
- MagicKarakurt: Wrap-up
LightSpy iOS
- LightSpy iOS: The Story
- Solution: Surface Analysis. Code Analysis
- LightSpy iOS: Wrap-up
- Course Summary
Benefits for you
 |
6 months to complete your course from activation of your access code |  |
 |
Courses delivered in English with subtitles | |
 |
Self-guided learning that fits around your life | |
 |
It will take you approximately 3.5 hours to watch the videos | |
 |
PDF downloads of training materials & tips | |
 |
Browser-based via desktop, mobile & tablet (excludes virtual lab which requires an RDP client) | |
 |
Leading security researcher of mobile malware | |
 |
20+ videos to guide you through the course | |
 |
100 hours of virtual lab time for hands-on learning | |
 |
Platform support and help from our subject matter experts is available by email 0900 - 1730 UK time on standard business days via help.kasperskyxtraining.com. | |
 |
PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s) | |
$890 inc. tax per learner