A Primer on Reverse Engineering Malwares

More documents

Recommendations

Info

Code Analysis Strings and their meaning A good way to start analyzing the specimen’s code often involves looking at the strings embedded in its executable. The string “test” is not visible anywhere within the body of the malicious executable when it’s not running. Behaviour Analysis Source - http://zeltser.com © 2011 KPMG, an Indian Partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Code Analysis …..with patience… The trojan seems to be looking for the string “test” in the “E-mail address” field. Launch the trojan and enter “test” to see what happens Behaviour Analysis Source - http://zeltser.com © 2011 KPMG, an Indian Partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Enter “test”, the trojan brings you to a brand new screen that seems to allow you to configure the trojan’s operation. The configuration options let you define the passphrase to activate this string, the address where the trojan will send captured logon credentials, etc.
Page 1 and 2: A Primer on Revers
Page 3 and 4: Setting the Stage
Page 5 and 6: Malware’s growing at alarming rat
Page 7 and 8: Cyber War Virtual Wars Source - htt
Page 9 and 10: Scenario @ home Penetration into Hi
Page 11 and 12: Malware Entry Points Universal Seri
Page 13 and 14: Zombie Hotspots @ Home India leadin
Page 15 and 16: Introduction
Page 17 and 18: Malwares & their Variants Trojan Ho
Page 19 and 20: Myth I - I bought an Anti-virus and
Page 21 and 22: Myth III - Malwares creation requir
Page 23 and 24: So we know why they are written…
Page 25 and 26: Malware Detection & Analysis Life C
Page 27 and 28: Data Collection & Analysis Data Col
Page 29 and 30: Ad-Hoc Utilities used for Malware D
Page 31 and 32: Behavior Analysis 3 Stage Approach
Page 33 and 34: Behavior Analysis Mitigating Risk V
Page 35 and 36: Behavior Analysis Monitoring Proces
Page 37 and 38: Behavior Analysis Verifying the The
Page 39 and 40: Dynamic Malware Analysis - Process
Page 41: Code Analysis Expands and Reinforce
Page 45 and 46: Case Study - Operation Aurora Overv
Page 47 and 48: Reverse-Engineering Malware (Cheat
Page 49: Thank You Presentation by Sony Anth

A Primer on Reverse Engineering Malwares

Create successful ePaper yourself

Delete template?

Save as template?