Malware Analysis Made Simple SecureWorld Expo Detroit

•

6 likes•2,595 views

Paul Melson

"Malware Analysis Made Simple" from SecureWorld Expo Detroit, 11/05/2008

Technology

Malware Analysis Made Simple SecureWorld Expo Detroit Wednesday, November 5, 2008 Paul Melson

Why Not Focus On Prevention? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

You’re Probably Required To ,[object Object],[object Object],[object Object],[object Object],[object Object]

Malware is Number 1! Yay! ,[object Object],[object Object],[object Object],[object Object],[object Object]

Firewalls & Antivirus Have Lost ,[object Object],[object Object],[object Object]

Malware is Adapting Quickly ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

“ But it’s just spyware, right?” ,[object Object],[object Object],[object Object],[object Object],[object Object]

Anatomy of a Drive-By Download Dropper Malware Servers More Malware JScript Exploit

Log Files ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

IDS/IPS Alerts ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Snort Rules ,[object Object],[object Object],[object Object],[object Object]

Antivirus?! Yes, Antivirus! ,[object Object],[object Object]

For Starters ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Detecting Packed Files ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Analyzing Binary Files ,[object Object],[object Object],[object Object],[object Object],[object Object]

Behavioral Analysis ,[object Object],[object Object],[object Object],[object Object],[object Object]

Network Analysis ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Analyzing System Hooks ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Response Toolkit: CD ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Analysis Toolkit: VM ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Prevention – Whack-a-Mole ,[object Object],[object Object],[object Object]

Prevention: Local Admin? ,[object Object],[object Object],[object Object],[object Object],[object Object]

Parting Shot: Best Practices ,[object Object],[object Object],[object Object]

What's hot

Cyber Threat Hunting: Identify and Hunt Down IntrudersInfosec

MalwareAnoushka Srivastava

Malware AnalysisPrashant Gupta

The top 10 windows logs event id's used v1.0Michael Gough

Metasploithenelpj

Introduction To Exploitation & MetasploitRaghav Bisht

Malware Classification and AnalysisPrashant Chopra

Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...grecsl

Windows Threat HuntingGIBIN JOHN

Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...Sam Bowne

Practical White Hat Hacker Training - Passive Information Gathering(OSINT)PRISMA CSI

Cyber Threat Hunting WorkshopDigit Oktavianto

Penetration Testing BasicsRick Wanner

Alphorm.com Formation Analyse de Malware 2/2 : Le guide completAlphorm

CNIT 123: Ch 3: Network and Computer AttacksSam Bowne

Purple Teaming the Cyber Kill Chain: Practical Exercises for Everyone Sector...Chris Gates

Security Analyst Workshop - 20190314Florian Roth

PHDays 2018 Threat Hunting Hands-On LabTeymur Kheirkhabarov

Threat hunting for BeginnersSKMohamedKasim

Ethical Hacking n VAPT presentation by Suvrat jainSuvrat Jain

What's hot (20)

Cyber Threat Hunting: Identify and Hunt Down Intruders

Malware

Malware Analysis

The top 10 windows logs event id's used v1.0

Metasploit

Introduction To Exploitation & Metasploit

Malware Classification and Analysis

Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...

Windows Threat Hunting

Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...

Practical White Hat Hacker Training - Passive Information Gathering(OSINT)

Cyber Threat Hunting Workshop

Penetration Testing Basics

Alphorm.com Formation Analyse de Malware 2/2 : Le guide complet

CNIT 123: Ch 3: Network and Computer Attacks

Purple Teaming the Cyber Kill Chain: Practical Exercises for Everyone Sector...

Security Analyst Workshop - 20190314

PHDays 2018 Threat Hunting Hands-On Lab

Threat hunting for Beginners

Ethical Hacking n VAPT presentation by Suvrat jain

Viewers also liked

'Malware Analysis' by PP SinghBipin Upadhyay

Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014grecsl

PyTriage: A malware analysis frameworkYashin Mehaboobe

CNIT 126 Ch 0: Malware Analysis Primer & 1: Basic Static TechniquesSam Bowne

Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"Lane Huff

CNIT 126 4: A Crash Course in x86 DisassemblySam Bowne

CNIT 126 7: Analyzing Malicious Windows ProgramsSam Bowne

CNIT 127 14: Protection MechanismsSam Bowne

CNIT 126 6: Recognizing C Code Constructs in Assembly Sam Bowne

CNIT 126 8: DebuggingSam Bowne

CNIT 126 5: IDA Pro Sam Bowne

Practical Malware Analysis Ch12Sam Bowne

Practical Malware Analysis: Ch 6: Recognizing C Code Constructs in AssemblySam Bowne

Ch 13: Network Protection SystemsSam Bowne

Cybersecurity and The BoardPaul Melson

Practical Malware Analysis: Ch 11: Malware BehaviorSam Bowne

Practical Malware Analysis: Ch 10: Kernel Debugging with WinDbgSam Bowne

Practical Malware Analysis: Ch 15: Anti-DisassemblySam Bowne

Client side attacks using PowerShellNikhil Mittal

CNIT 126 9: OllyDbgSam Bowne

Viewers also liked (20)

'Malware Analysis' by PP Singh

Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014

PyTriage: A malware analysis framework

CNIT 126 Ch 0: Malware Analysis Primer & 1: Basic Static Techniques

Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"

CNIT 126 4: A Crash Course in x86 Disassembly

CNIT 126 7: Analyzing Malicious Windows Programs

CNIT 127 14: Protection Mechanisms

CNIT 126 6: Recognizing C Code Constructs in Assembly

CNIT 126 8: Debugging

CNIT 126 5: IDA Pro

Practical Malware Analysis Ch12

Practical Malware Analysis: Ch 6: Recognizing C Code Constructs in Assembly

Ch 13: Network Protection Systems

Cybersecurity and The Board

Practical Malware Analysis: Ch 11: Malware Behavior

Practical Malware Analysis: Ch 10: Kernel Debugging with WinDbg

Practical Malware Analysis: Ch 15: Anti-Disassembly

Client side attacks using PowerShell

CNIT 126 9: OllyDbg

Similar to Malware Analysis Made Simple SecureWorld Expo Detroit

Two-For-One Talk: Malware Analysis for EveryonePaul Melson

Security HandbookAnthony Hasse

Hacking and its DefenceGreater Noida Institute Of Technology

Basic Dynamic Analysis of MalwareNatraj G

Cybersecurity - Jim ButterworthTechBiz Forense Digital

DevSecCon Talk: An experiment in agile Threat ModellingzeroXten

An experiment in agile threat modellingDevSecCon

2600 av evasion_deuceDb Cooper

Lab-10 Malware Creation and Denial of Service (DoS) In t.docxpauline234567

Sembang2 Keselamatan It 2004Linuxmalaysia Malaysia

Intro2 malwareanalysisshortVincent Ohprecio

Modern Malware and ThreatsMarketingArrowECS_CZ

Kunal - Introduction to BackTrack - ClubHack2008ClubHack

Kunal - Introduction to backtrack - ClubHack2008ClubHack

Workshop on BackTrack live CDamiable_indian

Modern malware and threatsMartin Holovský

SplunkLive! Stockholm 2015 breakout - Analytics based securitySplunk

Hackingrameswara reddy venkat

HackingRoshan Chaudhary

Security by Weston HeckerEC-Council

Similar to Malware Analysis Made Simple SecureWorld Expo Detroit (20)

Two-For-One Talk: Malware Analysis for Everyone

Security Handbook

Hacking and its Defence

Basic Dynamic Analysis of Malware

Cybersecurity - Jim Butterworth

DevSecCon Talk: An experiment in agile Threat Modelling

An experiment in agile threat modelling

2600 av evasion_deuce

Lab-10 Malware Creation and Denial of Service (DoS) In t.docx

Sembang2 Keselamatan It 2004

Intro2 malwareanalysisshort

Modern Malware and Threats

Kunal - Introduction to BackTrack - ClubHack2008

Kunal - Introduction to backtrack - ClubHack2008

Workshop on BackTrack live CD

Modern malware and threats

SplunkLive! Stockholm 2015 breakout - Analytics based security

Hacking

Security by Weston Hecker

Recently uploaded

Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson

Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity

DevEX - reference for building teams, processes, and platformsSergiu Bodiu

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada

Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm

Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited

Advanced Computer Architecture – An IntroductionDilum Bandara

DMCC Future of Trade Web3 - Special EditionDubai Multi Commodity Centre

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada

How to write a Business Continuity PlanDatabarracks

DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell

TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc

Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB

TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey

Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation

Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar

Commit 2024 - Secret Management made easyAlfredo García Lavilla

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos

Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan

Recently uploaded (20)

Are Multi-Cloud and Serverless Good or Bad?

Dev Dives: Streamline document processing with UiPath Studio Web

DevEX - reference for building teams, processes, and platforms

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024

Streamlining Python Development: A Guide to a Modern Project Setup

Ensuring Technical Readiness For Copilot in Microsoft 365

Advanced Computer Architecture – An Introduction

DMCC Future of Trade Web3 - Special Edition

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024

How to write a Business Continuity Plan

DSPy a system for AI to Write Prompts and Do Fine Tuning

TrustArc Webinar - How to Build Consumer Trust Through Data Privacy

Developer Data Modeling Mistakes: From Postgres to NoSQL

TeamStation AI System Report LATAM IT Salaries 2024

Connect Wave/ connectwave Pitch Deck Presentation

Unleash Your Potential - Namagunga Girls Coding Club

Commit 2024 - Secret Management made easy

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)

Generative AI for Technical Writer or Information Developers