How to Hunt for Ransomware Variants in Your Malware Lab - Data Exfiltration

Presented by

Rob Simmons, Independent Malware & Threat Researcher at ReversingLabs

About this talk

Over the past year, a major change in tactics employed by ransomware adversaries has been to exfiltrate data from the victim's environment. This data then serves as the material for an extortion threat on top of the ransom for encrypted data, and has become a common tactic by most major ransomware families. To support this tactic, some ransomware operators have added a specific type of malware to perform this exfiltration to their intrusion set. During this webinar, Rob Simmons, Independent Malware & Threat Researcher at ReversingLabs, will analyze a ransomware sample that performs data exfiltration in his malware lab. Rob will show how the malware uploads a set of files from the victim's computer to command and control servers, how to identify anti-analysis behavior, and then how to hunt for related variants of the same malware.

Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (19)
Subscribers (1466)
ReversingLabs is the leading provider of explainable threat intelligence solutions that shed the necessary light on complex file-based threats for enterprises stretched for time and expertise. Its hybrid-cloud Titanium Platform enables digital business resiliency, protects against new modern architecture exposures, and automates manual SOC processes with a transparency that arms junior analysts to confidently take action.