It's Malware Time - A Bar Crawl from Skunked Homebrew to Rotten Apples
Offered By: YouTube
Course Description
Overview
Explore the evolution of malware in this 41-minute conference talk from BSides Charm 2019. Delve into the intricacies of the Shlayer malware, from its initial identification to its distribution methods. Learn about sample collection techniques, variant execution processes, and the various scripts involved in its operation. Analyze the URL components, network connection details, and authorization mechanisms employed by Shlayer. Gain insights into its use of AuthorizationExecuteWithPrivileges() and understand the ATT&CK framework analysis of this threat. Examine the curl behaviors associated with Shlayer, both generic and specific, and access helpful resources for further investigation. Conclude with a Q&A session to address any remaining questions about this malware strain.
Syllabus
Intro
Friday, January 4th
Monday, January 7th
What is Shlayer?
Sample Collection
Shlayer Distribution
Sample Identification and Collection
Sample Shlayer Variant Execution
Second script
Third script
URL Components
netconn detail
AuthorizationExecuteWithPrivileges()
ATT&CK Analysis
Curl Behaviors - Generic Curl Usage in Past Month
Curl Behaviors - Shlayer Specific
Helpful Shlayer Links / Q&A