A Primer on Reverse Engineering Malwares

More documents

Recommendations

Info

Behavior Analysis Reading the Contents Behaviour Analysis Source - http://zeltser.com © 2011 KPMG, an Indian Partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Analysis of Content 1. String “Test” 2. Gsmtp185.google.com �� DNS 3. mastercleanex@gmail.com �� SMTP Inference 1. Processing the DAT File 2. Capability to connect outside 3. Capability to send email To Confirm - We Read the Network Theories
Behavior Analysis Verifying the Theory CaptureBAT is similar to Process Monitor in that it records local processes’ interactions with their environment. (Less Noisy – Filters) Load the .cap file created by CaptureBAT into a full-feature network sniffer, such as Wireshark (http://www.wireshark.org). Attempts by malware specimen to create pas.txt file and to locate the msnsettings.dat file � screenshot Behaviour Analysis Source - http://zeltser.com © 2011 KPMG, an Indian Partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Theory Confirmed
Page 1 and 2: A Primer on Revers
Page 3 and 4: Setting the Stage
Page 5 and 6: Malware’s growing at alarming rat
Page 7 and 8: Cyber War Virtual Wars Source - htt
Page 9 and 10: Scenario @ home Penetration into Hi
Page 11 and 12: Malware Entry Points Universal Seri
Page 13 and 14: Zombie Hotspots @ Home India leadin
Page 15 and 16: Introduction
Page 17 and 18: Malwares & their Variants Trojan Ho
Page 19 and 20: Myth I - I bought an Anti-virus and
Page 21 and 22: Myth III - Malwares creation requir
Page 23 and 24: So we know why they are written…
Page 25 and 26: Malware Detection & Analysis Life C
Page 27 and 28: Data Collection & Analysis Data Col
Page 29 and 30: Ad-Hoc Utilities used for Malware D
Page 31 and 32: Behavior Analysis 3 Stage Approach
Page 33 and 34: Behavior Analysis Mitigating Risk V
Page 35: Behavior Analysis Monitoring Proces
Page 39 and 40: Dynamic Malware Analysis - Process
Page 41 and 42: Code Analysis Expands and Reinforce
Page 43 and 44: Code Analysis …..with patience…
Page 45 and 46: Case Study - Operation Aurora Overv
Page 47 and 48: Reverse-Engineering Malware (Cheat
Page 49: Thank You Presentation by Sony Anth

A Primer on Reverse Engineering Malwares

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?