Defeating Malware Evasion: Techniques and Countermeasures

Defeating Malware Evasion: Techniques and Countermeasures

Level of Instruction: Intermediate

Instructed by: Kyle "d4rksystem" Cucci, Randy Pargman

Abstract:

This workshop is designed to give students the skills they need to identify and defeat common evasion techniques used by malware. It’s broken up into three hands-on modules where students will work with a range of open-source (or otherwise free) tools to dig into malicious code, examine different evasion techniques, and learn how to circumvent them to better understand how the malware operates.

We’ll be using a mix of instructor-created malware samples—with full source code provided so students can analyze both the binary and the code side-by-side—and real-world samples found in the wild. By the end of the workshop, students will walk away with several malware samples, pages of code to keep digging into on their own, and a solid toolkit of techniques for breaking through typical anti-analysis and evasion tricks used in modern malware.