5th Meetup - Reverse Engineering Malware
In this awesome presentation, Monnappa explained the concepts of malware reverse engineering. Presentation: Video Demo – 1: Video Demo – 2: Video Demo – 3:
In this presentation, Monnappa explained the concept of automated malware analysis, sandbox and sandbox architecture. Presentation: Video Demo:
In this presentation, Monnappa explained the concept of malware analysis. Presentation: Video Demo:
In this awesome presentation, Monnappa explained the concept of Rootkits, types of Rootkits, and Memory Forensics. He demonstrated various stealth techniques used by the TDSS Rootkit and showed how to identify its presence and understand its capabilities and functionality using memory forensics. Presentation: Video Demo:
In this awesome presentation, Monnappa KA explained the details of the Ghost RAT malware used in various cyber espionage attacks. He showcased the sandbox analysis, the traffic pattern, and decryption of Ghost RAT communications from a packet capture. He also demonstrated both manual and automated methods of detecting and decrypting the communications of Ghost RAT using memory […]
In this awesome presentation, Sameer Patil explained the concept of Exploit Kits and how they work, with some interesting case studies. He also covered various phases of exploitation and demonstrated the analysis of the Nuclear and Fiesta exploit kits. Presentation: Video Demo 1: Video Demo 2:
In this awesome presentation, Monnappa explained the Etumbot malware used in a cyber espionage attack. He showcased the sandbox analysis, reverse engineering, and decryption of the Etumbot backdoor's communications using practical video demonstrations. Presentation: Video Demo 1: Video Demo 2: Video Demo 3: References: http://www.arbornetworks.com/asert/2014/06/illuminating-the-etumbot-apt-backdoor/ http://www.fireeye.com/blog/technical/botnet-activities-research/2014/09/darwins-favorite-apt-group-2.html
In this presentation, Monnappa showcased a novel concept in the security arena – the “Watering Hole Attack”. He presented various exploitation methods around it using a practical video demonstration. Presentation: Video Demonstration: References: http://about-threats.trendmicro.com/RelatedThreats.aspx?language=au&name=Watering+Hole+101 http://www.fireeye.com/blog/technical/cyber-exploits/2014/02/operation-snowman-deputydog-actor-compromises-us-veterans-of-foreign-wars-website.html http://www.securityweek.com/new-ie-10-zero-day-used-watering-hole-attack-targeting-us-military http://blogs.cisco.com/security/watering-hole-attacks-target-energy-sector/
This session demonstrated various features of the HeartBeat APT RAT using reverse engineering. Demo Video Part 2a – Decrypting various communications Demo Video Part 2b – HeartBeat RAT Functionality 1 – Process enumeration Demo Video Part 2c – HeartBeat RAT Functionality 2 – Process termination Demo Video Part 2d – HeartBeat RAT Functionality 3 – Create and […]
This session covered reversing the HeartBeat RAT and decrypting its network communication. Demo Video 1 – Decrypting HeartBeat APT RAT communication Demo Video 2 – Reversing the HeartBeat APT RAT