Picking the right needles from the malware haystack (Katja Pericin)
February 27th, 2018 | Level: Technical
Abstract:
The number of new malware families is in constant growth, with millions of new samples each day. In this landscape, how do you find samples worth looking at? How do you distinguish unique malware from copy-paste-patch-to-work malware? And once you have found it, how do you hunt it down? Using the Upatre downloader as an example, we will show how to gather over 1.8 million files of the same malware family, inspect the malware’s hidden configuration settings and do a comprehensive analysis of its C&C servers.
Bio:
Katja (Malvoni) Pericin works as a Reverse Engineer at ReversingLabs, focusing on malware hunting and analysis. Before she became interested in reverse engineering, she was working on the John the Ripper password cracker, developing energy-efficient password cracking techniques. Recently she presented her work at the PasswordsCon, WOOT and SkyTalks conferences.
Video/recordings: