This session demonstrated various features of HeartBeat APT RAT using reverse engineering. Demo Video Part 2a – Decrypting various communications Demo Video Part 2b – HeartBeat RAT Functionality 1 -Process enumeration Demo Video Part 2c – HeartBeat RAT Functionality 2 – Process termination Demo Video Part 2d – HeartBeat RAT Functionality 3 – Create and […]
PyMal is a python based interactive Malware Analysis Framework. It is built on the top of three pure python programes Pefile, Pydbg and Volatility. The main aim of the project is to combine all the Malware Analysis related tools into a single interface for rapid analysis. PyMal have several wrapper functions to manipulate Executable […]
This session covered the reversing of HearBeat Rat and decrypting its network communication Demo Video 1 – Decrypting HeartBeat APT RAT communication Demo Video 2 – Reversing the HearBeat APT RAT
This session covered two tools Pymal and Malpimp and demonstrated the use and purpose of these tools, these tools can be helpful in accelerating the malware analysis process.
ExeScan is a console based tool to detect anomalies in PE (Portable Executable) files. It quickly scans given executable file and detect all kind of anomalies in its PE header fields including checksum verification’s, size of various header fields, improper size of raw data, non-ascii/empty section names etc. Various packers/protectors modify PE header to make reversing […]
This session covered the android architecture and some tools to analyse android malwares.
This session covered the tools and techniques to perform malware memory forensics. Demo Video 1 – Malware Memory Forensics Demo Video 2 – Malware Memory Forensics
This presentation covered the process of automating the analysis of malware using the custom written sandbox Demo Video 1 – Sanbox Analysis of Spybot Demo Video 2 – Sandbox Analysis of Zbot Demo Video 3 – Sandbox Analysis of Prolaco
This presentation covered the concept of automating reverse engineering using custom scripts and plugins.
Most of the time it is common to encounter malware which performs anti-analyis techniques, understanding these techniques will help in analyzing such malwares.