Meetup 2 – Dissecting BetaBot
In this presentation, Raghav Pande explained various self-defense mechanisms of BetaBot. He also presented the unpacking, hooking and injection methods of this malware using illustrative screenshots. Presentation:
Our rocking stars, Amit Malik & Monnappa, delivered fabulous presentations on the detection and mitigation of advanced attacks emerging in the security arena. Here are the links to the presentations and video demonstrations: 1. Watering Hole Attacks Case Study and Analysis 2. Chronicles of Malware and Detection Systems. Here are a few snapshots from the session:
In this presentation, Amit Malik showcased emerging trends in how malware has evolved over time. He also presented new and special detection techniques to combat each of these sophisticated attacks. Presentation:
In this presentation, Monnappa showcased a novel concept in the security arena – the “Watering Hole Attack”. He presented various exploitation methods around it using a practical video demonstration. Presentation: Video Demonstration: References: http://about-threats.trendmicro.com/RelatedThreats.aspx?language=au&name=Watering+Hole+101 http://www.fireeye.com/blog/technical/cyber-exploits/2014/02/operation-snowman-deputydog-actor-compromises-us-veterans-of-foreign-wars-website.html http://www.securityweek.com/new-ie-10-zero-day-used-watering-hole-attack-targeting-us-military http://blogs.cisco.com/security/watering-hole-attacks-target-energy-sector/
This session demonstrated various features of the HeartBeat APT RAT using reverse engineering. Demo Video Part 2a – Decrypting various communications Demo Video Part 2b – HeartBeat RAT Functionality 1 – Process enumeration Demo Video Part 2c – HeartBeat RAT Functionality 2 – Process termination Demo Video Part 2d – HeartBeat RAT Functionality 3 – Create and […]
PyMal is a Python-based interactive malware analysis framework. It is built on top of three pure-Python programs: Pefile, Pydbg and Volatility. The main aim of the project is to combine all the malware-analysis-related tools into a single interface for rapid analysis. PyMal has several wrapper functions to manipulate Executable […]
This session covered reversing the HeartBeat RAT and decrypting its network communication. Demo Video 1 – Decrypting HeartBeat APT RAT communication Demo Video 2 – Reversing the HeartBeat APT RAT
This session covered two tools, PyMal and Malpimp, and demonstrated their use and purpose. These tools can help accelerate the malware analysis process.
ExeScan is a console-based tool to detect anomalies in PE (Portable Executable) files. It quickly scans a given executable file and detects all kinds of anomalies in its PE header fields, including checksum verification, size of various header fields, improper size of raw data, non-ASCII/empty section names, etc. Various packers/protectors modify PE header to make reversing […]
This session covered the Android architecture and some tools to analyse Android malware.