1. Start monitoring tools in the victim system (processes, connections, registry)
2. Start network capture in the host system (or hub)
3. Capture initial status of the victim system
4. Run the malware for an amount of time in the victim system
5. Terminate the process
6. Stop monitoring tools
7. Capture final status of the victim system
8. Walk through the obtained info
9. Loop adding interactions…
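The capture/run/capture/diff loop above, as an added example that is not from the original slides: a small Python helper that diffs two state snapshots (processes, connections, registry) taken at steps 3 and 7 and flags registry writes under autostart keys, which is the first thing to walk through at step 8. The snapshot contents, the RUN_KEYS list and all paths are constructed for the example; on a real victim VM the same fields would be filled from the monitoring tools.

```python
from dataclasses import dataclass

# Autostart locations to check first (assumed list for the example).
RUN_KEYS = (
    "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run",
    "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run",
)

@dataclass
class Snapshot:
    processes: frozenset    # {(pid, image_path)}
    connections: frozenset  # {(proto, remote_ip, remote_port)}
    registry: dict          # {"HIVE\\Key\\Value": data}

def diff_snapshots(before: Snapshot, after: Snapshot) -> dict:
    """Step 8: what changed between the initial and the final capture."""
    added = {k: v for k, v in after.registry.items() if k not in before.registry}
    changed = {k: (before.registry[k], v) for k, v in after.registry.items()
               if k in before.registry and before.registry[k] != v}
    return {
        "new_processes": sorted(after.processes - before.processes),
        "gone_processes": sorted(before.processes - after.processes),
        "new_connections": sorted(after.connections - before.connections),
        "registry_added": added,
        "registry_changed": changed,
        "registry_removed": sorted(k for k in before.registry if k not in after.registry),
    }

def persistence_candidates(report: dict) -> list:
    """Registry values written or modified directly under an autostart key."""
    writes = dict(report["registry_added"])
    writes.update({k: v[1] for k, v in report["registry_changed"].items()})
    return sorted(k for k in writes if k.rsplit("\\", 1)[0] in RUN_KEYS)

# Constructed sample captures (not real telemetry from any system).
RUN = "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\"
BEFORE = Snapshot(
    processes=frozenset({(4, "System"), (612, "C:\\Windows\\explorer.exe")}),
    connections=frozenset(),
    registry={RUN + "OneDrive": "C:\\Users\\lab\\AppData\\Local\\OneDrive.exe"},
)
AFTER = Snapshot(
    processes=frozenset({(4, "System"), (612, "C:\\Windows\\explorer.exe"),
                         (1337, "C:\\Users\\lab\\AppData\\Roaming\\svchost.exe")}),
    connections=frozenset({("tcp", "203.0.113.7", 4444)}),
    registry={RUN + "OneDrive": "C:\\Users\\lab\\AppData\\Local\\OneDrive.exe",
              RUN + "Updater": "C:\\Users\\lab\\AppData\\Roaming\\svchost.exe"},
)

if __name__ == "__main__":
    report = diff_snapshots(BEFORE, AFTER)
    for key, value in report.items():
        print(f"{key}: {value}")
    print("persistence candidates:", persistence_candidates(report))
```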
Conclusions
• It is important to know what has happened (or can happen)
• Reverse Engineering techniques learned:
– Static analysis
– Behavioral analysis
• You can do it at home with parental guidance
Episode III trailer
• Code analysis:
– In-depth knowledge of the malware
– Helping to reduce assumptions
– Much more complicated
– Again DEMO!
Questions?
Thank you!
Attribution-NonCommercial-NoDerivs 2.0
You are free: to copy, distribute, display, and perform the work. Under the following conditions:
Attribution. You must give the original author credit.
Noncommercial. You may not use this work for commercial purposes.
No Derivative Works. You may not alter, transform, or build upon this work.
For any reuse or distribution, you must make clear to others the license terms of this work. Any of these conditions can be waived if you get permission from the author. Your fair use and other rights are in no way affected by the above. This is a human-readable summary of the http://creativecommons.org/licenses/by-nc-nd/2.0/.