A Primer on Reverse Engineering Malwares

More documents

Recommendations

Info

Behavior Analysis Setup the Lab (Controlled Environment) Virtualized Environment (Multi Instance for Comparison) Multiple snapshots, which comes in very handy for “bookmarking” different stages of your analysis and for reverting back to system’s pristine state Malware may have defenses that prevent it from executing properly in a virtualized environment. In these cases, the easiest step might be to use a set of physical systems (DD) Behaviour Analysis Source - http://zeltser.com © 2011 KPMG, an Indian Partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Behavior Analysis Mitigating Risk Virtualized Environment (Not Airtight – Physical Systems) Virtualization Software Bugs – Could be Vulnerable to the Malicious code being analyzed No Connection to the Production Environment and Updated Patches is a MUST. Behaviour Analysis Source - http://zeltser.com © 2011 KPMG, an Indian Partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Page 1 and 2: A Primer on Revers
Page 3 and 4: Setting the Stage
Page 5 and 6: Malware’s growing at alarming rat
Page 7 and 8: Cyber War Virtual Wars Source - htt
Page 9 and 10: Scenario @ home Penetration into Hi
Page 11 and 12: Malware Entry Points Universal Seri
Page 13 and 14: Zombie Hotspots @ Home India leadin
Page 15 and 16: Introduction
Page 17 and 18: Malwares & their Variants Trojan Ho
Page 19 and 20: Myth I - I bought an Anti-virus and
Page 21 and 22: Myth III - Malwares creation requir
Page 23 and 24: So we know why they are written…
Page 25 and 26: Malware Detection & Analysis Life C
Page 27 and 28: Data Collection & Analysis Data Col
Page 29 and 30: Ad-Hoc Utilities used for Malware D
Page 31: Behavior Analysis 3 Stage Approach
Page 35 and 36: Behavior Analysis Monitoring Proces
Page 37 and 38: Behavior Analysis Verifying the The
Page 39 and 40: Dynamic Malware Analysis - Process
Page 41 and 42: Code Analysis Expands and Reinforce
Page 43 and 44: Code Analysis …..with patience…
Page 45 and 46: Case Study - Operation Aurora Overv
Page 47 and 48: Reverse-Engineering Malware (Cheat
Page 49: Thank You Presentation by Sony Anth

A Primer on Reverse Engineering Malwares

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?