Advanced automation of static malware analysis. Hands-on workshop

Presented by

Igor Kuznetsov, Chief Security Researcher, Kaspersky

About this talk

If you are an experienced security researcher or incident responder who deals with malware analysis in a professional capacity and at scale, you understand how important it is to automate static analysis in order to optimize routine tasks and preserve your work in code for your team. Join Igor Kuznetsov, Chief Security Researcher, Kaspersky GReAT, in this practical webinar, where he unveils automation know-how distilled from years of APT research experience. He will also introduce his new online course on Advanced Malware Analysis Techniques. Read more about the course here: https://kas.pr/gr9i

In this webinar, Igor will inspect samples from the notorious Bangladesh (Central) Bank heist and use them to walk through the common tasks required for malware analysis: recognizing crypto algorithms and writing decoding tools.

1. First, Igor will analyze the code and data flow using IDA Pro to locate the code used to decrypt the configuration file (“gpca.dat”).
2. Then, he will inspect the code to recognize the common cipher used by the malicious sample. Using that information and Python 3, Igor will create a static decoder to decrypt the file.
3. Finally, the session will discuss ways to improve tooling by creating static analysis frameworks, which are used in the recently launched Kaspersky Advanced Malware Analysis Training.

Igor will also introduce the new Advanced Malware Analysis Techniques online course. This self-study, 100% hands-on advanced course is based on 16 real-life, notorious cases, including Lazarus, Carbanak, MiniDuke and others, which Igor has personally worked on. The course focuses on static analysis techniques and also features automation of decryption, decoding, and other sample processing techniques. Webinar participants will have the opportunity to win free access to this new online course.
More from this channel

On this channel, Kaspersky experts share their knowledge and key insights into high-fidelity threat hunting and intelligence, incident management, malware analysis, reverse engineering, security solutions, and several other vital aspects of the cyberworld. To keep you up to date, the experts also provide detailed webinars and workshops on how Kaspersky security solutions and services can halt and prevent a vast range of malicious attacks conducted by cybercriminals.

Kaspersky is a global cybersecurity and digital privacy company that has been providing protection for 25 years, with over 400 million users from more than 200 countries. Kaspersky experts' mission is to help you find the perfect weapon to protect against any cyberthreat, carried out by even the most sophisticated cybercriminals. Kaspersky researchers are top-notch cybersecurity and protection technology experts, who regularly take part in leading information security events worldwide as best-in-class speakers. Kaspersky’s deep threat intelligence and security expertise is constantly being transformed into innovative security solutions and services that protect businesses, critical infrastructure, governments and consumers around the globe.

Subscribe and learn more about the latest cybersecurity discoveries on the threat landscape and how to defend against them. Contact us at https://www.kaspersky.com/about/contact