How to Hunt for Ransomware Variants in Your Malware Lab - Data Exfiltration

Logo
Presented by

Rob Simmons, Independent Malware & Threat Researcher at ReversingLabs

About this talk

Over the past year, a major change in tactics employed by ransomware adversaries has been to exfiltrate data from the victim's environment. This data then serves as the material for an extortion threat on top of the ransom for encrypted data, and has become a common tactic by most major ransomware families. To support this tactic, some ransomware operators have added a specific type of malware to perform this exfiltration to their intrusion set. During this webinar, Rob Simmons, Independent Malware & Threat Researcher at ReversingLabs, will analyze a ransomware sample that performs data exfiltration in his malware lab. Rob will show how the malware uploads a set of files from the victim's computer to command and control servers, how to identify anti-analysis behavior, and then how to hunt for related variants of the same malware.
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (82)
Subscribers (2302)
ReversingLabs empowers modern software development & SOC teams to protect their software releases & organizations from sophisticated threats.