Malware analysis as a hobby - the short story (lightning talk)

Published in: Education, Technology

  1. Malware Analysis as a Hobby - the short story. Michael Boman - Security Consultant/Researcher, Father of 5
  2. The manual way
  3. Drawbacks
     • Time consuming
     • Boring in the long run (not all malware is created equal)
  4. Choose any two…: Cheap, Good, Fast
  5. Choose any two? Why not all of them?
     • I can do it cheaply (hardware and license cost-wise). Human time not included.
     • I can do it quickly (I spend up to 3 hours a day doing this, on average even less).
     • I get pretty good results (quality). Where the system lacks I can compensate for its shortcomings.
     • Diagram labels: Cheap, Good, Fast
  6. Automate everything!
     • Automate
     • Engineer yourself out of the workflow
  7. Birth of the MART Project: Malware Analyst Research Toolkit
  8. Components
  9. Sample Acquisition
     • Public & Private Collections
     • Exchange with other malware analysts
     • Finding and collecting malware yourself
  10. Sample Analysis
     • Cuckoo Sandbox
     • VirusTotal
  11. DEMO: Submit sample for analysis
  12. Sample Reporting
     • Results are stored in MongoDB (optional)
     • Accessed using an analyst GUI
  13. Budget
     • Computer: €520
     • MSDN License: €800 (€590 renewal)
     • Year 1: €1320
     • Year N: €590
     • Money saved from stopped smoking (yearly): €2040
  14. Next steps
     • Barebone on-the-iron malware analysis
     • Android platform support
     • OSX platform support
     • iOS platform support
  15. Questions?
