Botconf has ended
Thursday, December 3 • 14:40 - 15:30
Malware Instrumentation: Application to Regin Analysis

The complexity of the Regin malware underlines the importance of reverse engineering in modern incident response. The present study shows that such complexity can be overcome: substantial information about adversary tactics, techniques and procedures is obtained from reverse engineering.
An introduction to the Regin development framework is provided along with instrumentation guidelines. Such instrumentation enables experimentation with malware modules, so analysis can directly leverage the malware's own code without the need to program an analysis toolkit.

As an application of the presented instrumentation, the underlying botnet architecture is analysed. Finally, conclusions from different perspectives are provided: defense, attack and counter-intelligence.

Thursday December 3, 2015 14:40 - 15:30 CET
