Security Bootcamp, profile picture
Uploaded bySecurity Bootcamp
PDF, PPTX3,656 views

Empowering Malware Analysis with IDA AppCall

The document discusses empowering malware analysis using the IDA appcall feature, presenting its functions and applications in analyzing different malware types. Key topics include recovering API names, decrypting strings, and extracting configurations from malware like Lokibot and Emotet. It includes examples, analyses, and resources for reversing techniques, aimed at enhancing malware analysis skills.

Internet
Related topics:
Malware Analysis Guide

Embed presentation

Download as PDF, PPTX
Empowering Malware Analysis with IDA AppCall m4n0w4r 10/1/2024 1 # Security_Bootcamp_2024 #Phú_Quốc
#Wh0_4m_1? 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 2
What we will cover    10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 3
Summary of Appcall in IDA (1) • • • • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 4
Summary of Appcall in IDA (2) • • • • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 5
A simple example (1) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 6
A simple example (2) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 7
A simple example (3) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 8
A Great Explanation Video 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 9
Quote Of The Day 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 10
LOKIBOT 10/1/2024 11
LokiBot (1) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 12
LokiBot (2) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 13
Our analysis Reversing LokiBot 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 14
LokiBot Infection Chain 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 15
Dynamic Resolve API Functions 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 16
Hardcore Reverser – try hard to understand logic 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 17
Hardcore Reverser – reimplement code 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 18
Extreme Reverser – try to find lazy way • • • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 19
Recover API Name with IDA AppCall (1) • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 20
Recover API Name with IDA AppCall (2) • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 21
Recover API Name with IDA AppCall (3) • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 22
Recover API Name with IDA AppCall (4) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 23
Result 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 24
10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 25
Our analysis EMOTET 10/1/2024 26
For those who don’t know (1) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 27
For those who don’t know (2) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 28
For those who don’t know (3) • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 29
For those who don’t know (4) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 30
For those who don’t know (5) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 31
For those who don’t know (6) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 32
For those who don’t know (7) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 33
And Meme Everywhere… 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 34
For those who don’t know (8) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 35
From “Dong Lao” with Love 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 36
From “Dong Lao” with Love 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 37
Our analysis Reversing Emotet 10/1/2024 38
Reversing Engineering Emotet 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 39
Context (1) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 40
Context (2) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 41
Decrypt Strings • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 42
Decrypt Strings (1) • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 43
Decrypt Strings (2) • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 44
Decrypt Strings (3) (Pseudocode) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 45
Decrypt Strings (4) (Verify) • • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 46
Decrypt Strings (5) (Solution?) • • •  •  10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 47
Recover Original Strings with IDA AppCall (1) • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 48
Recover Original Strings with IDA AppCall (2) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 49
10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 50
Extract C2s Configuration (1) • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 51
Extract C2s Configuration (2) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 52
Extract C2s Configuration (3) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 53
Extract C2s Configuration (4) •  10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 54
Automate Extract C2s using IDA AppCall (1) • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 55
Automate Extract C2s using IDA AppCall (2) • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 56
Automate Extract C2s using IDA AppCall (3) 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 57
10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 58
Resources • • • • • • • • • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 59
Resources • • • • • • • • 10/1/2024 Empowering Malware Analysis with IDA AppCall Feature 60
End… 10/1/2024 61

More Related Content

PPTX
Practical Malware Analysis: Ch 5: IDA Pro
bySam Bowne
 
PPTX
CODA a novel anti-malware system
byАртур Ханов
 
PDF
CNIT 126 5: IDA Pro
bySam Bowne
 
PPTX
IDAPRO
byMatt Vieyra
 
PPTX
IDA pro - Sam Brown
byssuser30902e
 
PDF
MODERN MALWARE THREAT: HANDLING OBFUSCATED CODE -- CONFIDENCE CONFERENCE (2019)
byAlexandre Borges
 
PPTX
Advanced malwareanalysis training session2 botnet analysis part1
byCysinfo Cyber Security Community
 
PDF
Malware Analysis Tips and Tricks.pdf
byYushimon
 
Practical Malware Analysis: Ch 5: IDA Pro
bySam Bowne
 
CODA a novel anti-malware system
byАртур Ханов
 
CNIT 126 5: IDA Pro
bySam Bowne
 
IDAPRO
byMatt Vieyra
 
IDA pro - Sam Brown
byssuser30902e
 
MODERN MALWARE THREAT: HANDLING OBFUSCATED CODE -- CONFIDENCE CONFERENCE (2019)
byAlexandre Borges
 
Advanced malwareanalysis training session2 botnet analysis part1
byCysinfo Cyber Security Community
 
Malware Analysis Tips and Tricks.pdf
byYushimon
 

Similar to Empowering Malware Analysis with IDA AppCall

PDF
MACHINE LEARNING APPROACH TO LEARN AND DETECT MALWARE IN ANDROID
byIRJET Journal
 
PDF
CNIT 126 5: IDA Pro
bySam Bowne
 
PDF
Maximize Computer Security With Limited Ressources
bySecunia
 
PDF
COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL NEURAL NETWO...
byIJNSA Journal
 
PPTX
malware analysis
by20CS201AkashR
 
PPTX
Malware 101 by saurabh chaudhary
bySaurav Chaudhary
 
PPTX
Advanced malware analysis training session3 botnet analysis part2
byCysinfo Cyber Security Community
 
PPTX
Topic 2. Fundamentals of Malware Analysis .pptx
bykhoiclever
 
PDF
IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
byPriyanka Aash
 
PDF
IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
byDefCamp
 
PPTX
The Hacking Games - Operation System Vulnerabilities Meetup 29112022
bylior mazor
 
PPTX
Advanced Malware Analysis Training Session 3 - Botnet Analysis Part 2
bysecurityxploded
 
PPT
The Future of Automated Malware Generation
byStephan Chenette
 
PPTX
Malware analysis as a hobby (Owasp Göteborg)
byMichael Boman
 
PDF
Malware
bySetiya Nugroho
 
PDF
I haz you and pwn your maal whitepaper
byHarsimran Walia
 
PDF
50120130406012
byIAEME Publication
 
PDF
Android Malware Detection Literature Review
byAhmed Sabbah
 
PPTX
Reversing malware analysis trainingpart9 advanced malware analysis
byCysinfo Cyber Security Community
 
PDF
Technical Workshop - Win32/Georbot Analysis
byPositive Hack Days
 
MACHINE LEARNING APPROACH TO LEARN AND DETECT MALWARE IN ANDROID
byIRJET Journal
 
CNIT 126 5: IDA Pro
bySam Bowne
 
Maximize Computer Security With Limited Ressources
bySecunia
 
COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL NEURAL NETWO...
byIJNSA Journal
 
malware analysis
by20CS201AkashR
 
Malware 101 by saurabh chaudhary
bySaurav Chaudhary
 
Advanced malware analysis training session3 botnet analysis part2
byCysinfo Cyber Security Community
 
Topic 2. Fundamentals of Malware Analysis .pptx
bykhoiclever
 
IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
byPriyanka Aash
 
IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
byDefCamp
 
The Hacking Games - Operation System Vulnerabilities Meetup 29112022
bylior mazor
 
Advanced Malware Analysis Training Session 3 - Botnet Analysis Part 2
bysecurityxploded
 
The Future of Automated Malware Generation
byStephan Chenette
 
Malware analysis as a hobby (Owasp Göteborg)
byMichael Boman
 
Malware
bySetiya Nugroho
 
I haz you and pwn your maal whitepaper
byHarsimran Walia
 
50120130406012
byIAEME Publication
 
Android Malware Detection Literature Review
byAhmed Sabbah
 
Reversing malware analysis trainingpart9 advanced malware analysis
byCysinfo Cyber Security Community
 
Technical Workshop - Win32/Georbot Analysis
byPositive Hack Days
 

More from Security Bootcamp

PDF
Ẩn mình kết nối C&C - Xu hướng tấn công và cách phòng thủ
bySecurity Bootcamp
 
PPTX
AI-ttacks - Nghiên cứu về một số tấn công vào các mô hình học máy và AI
bySecurity Bootcamp
 
PPTX
Human and AI - Balancing Innovation and Data Privacy in the Age of Cyber Threats
bySecurity Bootcamp
 
PPTX
Robustness of Deep learning mode ls.pptx
bySecurity Bootcamp
 
PPTX
DLL Sideloading cho mọi nhà - Security Bootcamp 2024
bySecurity Bootcamp
 
PDF
Let the Hunt Begin - Security Bootcamp 2024
bySecurity Bootcamp
 
PDF
Detection as Code - Effective Approach to manage & optimize SOC Development
bySecurity Bootcamp
 
PDF
Quản trị rủi ro nguồn mở tại các doanh nghiệp phần mềm Việt Nam
bySecurity Bootcamp
 
PDF
Phân tích một chiến dịch ransomware: Từ lan truyền đến tống tiền
bySecurity Bootcamp
 
PDF
CyberJutsu - The Joern-ey of Static Code Analysis.pdf
bySecurity Bootcamp
 
PPTX
Security in the AI and Web3 era - Veramine
bySecurity Bootcamp
 
PDF
ĐỂ AI ĐƯỢC AN TOÀN, MINH BẠCH, CÓ TRÁCH NHIỆM VÀ ‘NHÂN TÍNH’ HƠN
bySecurity Bootcamp
 
PDF
Modern Security Operations - Building and leading modern SOC
bySecurity Bootcamp
 
PDF
Humanity and AI: Balancing Innovation and Data Privacy in the Age of Cyber Th...
bySecurity Bootcamp
 
PPTX
SBC2024_AI TRONG CYBER SECURITY_final.pptx
bySecurity Bootcamp
 
PPTX
Cyber GenAI – Another Chatbot? - Trellix
bySecurity Bootcamp
 
PDF
Akamai_ API Security Best Practices - Real-world attacks and breaches
bySecurity Bootcamp
 
PPTX
How to steal a drone Drone Hijacking - VNPT Cyber Immunity
bySecurity Bootcamp
 
PDF
Detection of Spreading Process on many assets over the network
bySecurity Bootcamp
 
PDF
First Step into Your House: Các kỹ thuật xâm nhập hệ thống phổ biến từ các sự...
bySecurity Bootcamp
 
Ẩn mình kết nối C&C - Xu hướng tấn công và cách phòng thủ
bySecurity Bootcamp
 
AI-ttacks - Nghiên cứu về một số tấn công vào các mô hình học máy và AI
bySecurity Bootcamp
 
Human and AI - Balancing Innovation and Data Privacy in the Age of Cyber Threats
bySecurity Bootcamp
 
Robustness of Deep learning mode ls.pptx
bySecurity Bootcamp
 
DLL Sideloading cho mọi nhà - Security Bootcamp 2024
bySecurity Bootcamp
 
Let the Hunt Begin - Security Bootcamp 2024
bySecurity Bootcamp
 
Detection as Code - Effective Approach to manage & optimize SOC Development
bySecurity Bootcamp
 
Quản trị rủi ro nguồn mở tại các doanh nghiệp phần mềm Việt Nam
bySecurity Bootcamp
 
Phân tích một chiến dịch ransomware: Từ lan truyền đến tống tiền
bySecurity Bootcamp
 
CyberJutsu - The Joern-ey of Static Code Analysis.pdf
bySecurity Bootcamp
 
Security in the AI and Web3 era - Veramine
bySecurity Bootcamp
 
ĐỂ AI ĐƯỢC AN TOÀN, MINH BẠCH, CÓ TRÁCH NHIỆM VÀ ‘NHÂN TÍNH’ HƠN
bySecurity Bootcamp
 
Modern Security Operations - Building and leading modern SOC
bySecurity Bootcamp
 
Humanity and AI: Balancing Innovation and Data Privacy in the Age of Cyber Th...
bySecurity Bootcamp
 
SBC2024_AI TRONG CYBER SECURITY_final.pptx
bySecurity Bootcamp
 
Cyber GenAI – Another Chatbot? - Trellix
bySecurity Bootcamp
 
Akamai_ API Security Best Practices - Real-world attacks and breaches
bySecurity Bootcamp
 
How to steal a drone Drone Hijacking - VNPT Cyber Immunity
bySecurity Bootcamp
 
Detection of Spreading Process on many assets over the network
bySecurity Bootcamp
 
First Step into Your House: Các kỹ thuật xâm nhập hệ thống phổ biến từ các sự...
bySecurity Bootcamp
 

Recently uploaded

PDF
Beacon Kit slides tech framework for world game (s) pdf
bySteven McGee
 
PPTX
Artificial Intelligence (AI) Technology Project Proposal _ by Slidesgo.pptx
byadhyaadi804
 
PDF
Novi.LMS.Veseli.Cetvrtak.001 (1).pdfjjjj
byzoran radovic
 
PDF
Key Duties and Roles of an Ecommerce Developer Singapore
byHachi Web Solution
 
PPTX
Number_Guessing_Game_Dsbsbssbzboc[1].pptx
byfbinsta3426
 
PPTX
Why-Enterprises-Should-Build-Their-Own-Core-Network-and-Own-Their-ASN-and-Pub...
bybunhongkruy
 
PPTX
Dalhousie University Diploma
by文凭办理维多利亚大学购买毕业证学位认证知乎【Q微:1954292140】
 
PPTX
tacacstrianingforwirelessnetworkengineers
byRaviTejaTammineni
 
PDF
Here are the winners of KALIDASA SAMMAN.
byglcppro
 
PPTX
Overview-of-Anti-DDoS-Solutions-On-Premise-vs-On-Cloud.pptx
bybunhongkruy
 
DOCX
BestMaker.ai: The Complete Brand Story, Founder's Vision, and AI Creative Pla...
byssuser7381d6
 
PDF
Greetings All Students Update 3 by LDMMIA
by©LDMMIA, ©Reiki Yoga
 
PPTX
Lesson 3 - Methodology of Green Computing - part2 - dela cruz.pptx
byOmar Fernandez
 
PPTX
Lesson 5 - Cyber attack Pt 3 - Matsuhashi.pptx
byOmar Fernandez
 
PDF
LMS.Golconda.Vanredni.Broj.001.pdfjjjjjjj
byzoran radovic
 
Beacon Kit slides tech framework for world game (s) pdf
bySteven McGee
 
Artificial Intelligence (AI) Technology Project Proposal _ by Slidesgo.pptx
byadhyaadi804
 
Novi.LMS.Veseli.Cetvrtak.001 (1).pdfjjjj
byzoran radovic
 
Key Duties and Roles of an Ecommerce Developer Singapore
byHachi Web Solution
 
Number_Guessing_Game_Dsbsbssbzboc[1].pptx
byfbinsta3426
 
Why-Enterprises-Should-Build-Their-Own-Core-Network-and-Own-Their-ASN-and-Pub...
bybunhongkruy
 
Dalhousie University Diploma
by文凭办理维多利亚大学购买毕业证学位认证知乎【Q微:1954292140】
 
tacacstrianingforwirelessnetworkengineers
byRaviTejaTammineni
 
Here are the winners of KALIDASA SAMMAN.
byglcppro
 
Overview-of-Anti-DDoS-Solutions-On-Premise-vs-On-Cloud.pptx
bybunhongkruy
 
BestMaker.ai: The Complete Brand Story, Founder's Vision, and AI Creative Pla...
byssuser7381d6
 
Greetings All Students Update 3 by LDMMIA
by©LDMMIA, ©Reiki Yoga
 
Lesson 3 - Methodology of Green Computing - part2 - dela cruz.pptx
byOmar Fernandez
 
Lesson 5 - Cyber attack Pt 3 - Matsuhashi.pptx
byOmar Fernandez
 
LMS.Golconda.Vanredni.Broj.001.pdfjjjjjjj
byzoran radovic
 

Empowering Malware Analysis with IDA AppCall