CybyAI
MC-12 · Mini-course

Static and dynamic malware analysis: Ghidra, x64dbg, ANY.RUN, YARA rules and report writing.

15 lessons3 modulesAdvancedGhidra + x64dbg
Start Learning← All Courses

Why this matters right now

450,000 new malware samples appear every day

450,000new malware samples appear every day
90%of malware uses obfuscation or packers
$150k+salary for malware analysts at top companies
GhidraNSA's open-source reverse engineering tool

After the course you will be able to

Not abstract knowledge — concrete skills for analyzing real malware

🔬Perform static analysis of a PE file without executing it
⚙️Disassemble and decompile malware in Ghidra
🐛Step-debug malicious code in x64dbg
📦Identify and unpack UPX and other packers
📝Write YARA rules to detect malware families
🌐Analyze malware network behavior via Wireshark + FakeNet
🏖️Run malware in ANY.RUN sandbox and interpret the report
📊Write a professional malware sample analysis report

Real attacks in the course

Analyzing real malware — WannaCry, Emotet and APT samples

Real case2017

WannaCry — kill-switch found in static analysis

Researcher MalwareTech spent 20 minutes in static analysis and found a hardcoded URL — WannaCry's kill-switch. Registering the domain for $10 stopped the global epidemic.

Module 02 · strings and static analysis
APT2020

Emotet — 3 weeks of deobfuscation

Emotet used multi-layer obfuscation: packed → VBA macro → PowerShell → .NET → shellcode. The full analysis chain took the Malwarebytes team 3 weeks.

Module 03 · x64dbg and dynamic analysis
Success Story2023

YARA rule caught a new strain in 6 hours

An analyst wrote a YARA rule based on an old sample analysis. 6 hours later the rule triggered on a new strain of the same family in a corporate network.

Module 02 · YARA: writing signatures

Course Program

3 modules · 15 lessons: from sandbox to Ghidra and x64dbg

Where this course leads

Malware Analysis — the pinnacle of defensive security careers

$4,000 — $12,000/mo

Malware Analyst

Analyze new malware samples, write YARA rules, create antivirus signatures and publish technical reports.

Ghidrax64dbgYARAStatic Analysis
Track:FC-07 → MC-12 → MC-11
$5,000 — $15,000/mo

Reverse Engineer

Reverse-engineer malicious code, research zero-day exploits, work in Threat Intelligence teams at top companies.

GhidraIDA ProAssemblyExploit Analysis
Track:MC-12 → FC-07 → FC-10
$3,500 — $8,000/mo

Threat Intelligence

Track APT groups, analyze their TTPs through malware, publish threat reports and help SOC teams set up detection.

Malware AnalysisYARACTIThreat Reports
Track:FC-07 → MC-12 → FC-10

Who this course is for

🦠

Malware Analysts

Want to systematically learn analysis methodology — from simple strings to full reverse engineering in Ghidra.

🔍

DFIR Specialists

Investigating incidents and need skills for quick triage of malicious samples during investigations.

🛡️

Blue Team

Want to understand attacker behavior at code level to write more precise detection and YARA rules.

Reverse malware
like a researcher
today

15 lessons, Ghidra, x64dbg and real WannaCry and Emotet samples. Become a malware analyst.

Start Learning← All Courses
MC-12● Mini-course

Malware Analysis Basics

Level: advanced

15 lessons
video + practice
3 modules
by topic
Advanced
difficulty level
Ghidra + x64dbg
primary tools
Static PE analysis without execution
Ghidra decompilation and disassembly
x64dbg step-by-step debugging
YARA rules for malware families