YoVDO

AutoHotKey Malware – The New AutoIT - DefCamp - 2018

Offered By: DefCamp via YouTube

Tags

DefCamp Courses Malware Analysis Courses

Course Description

Overview

Explore the world of AutoHotKey malware in this DefCamp 2018 conference talk. Delve into the evolution of malicious scripting, comparing AutoHotKey to AutoIT and examining its rising popularity among cybercriminals. Learn about unpacking techniques, encoding methods, and exfiltration strategies employed in AutoHotKey-based attacks. Discover how these malicious scripts operate, including clipboard manipulation and Steam account theft. Analyze detection rates, investigate simple malware examples, and understand the attacker's operational methods. Gain insights into effective malware concealment tactics and explore the transition from Ducky scripts to AutoHotKey. Discuss countermeasures, including public exposure of malicious actors and implementation of security rules. Conclude with a Q&A session addressing AutoHotKey's position in the current threat landscape.

Syllabus

Intro
Welcome
Who am I
Selfpromotion
CounterStrike
AutoHotKey Malware
AutoHotKey Unpacking
Encoding
How it works
Exfiltration
Detection Rates
Simple Malware
ClipBanker
Steam
Stealing Steam
Who is this guy
Best place to stall malware
His Operation
File Sharing
Conclusion
Questions
AutoHotKey vs AutoIT
Back in the day
Ducky script to AutoHotKey
Gimp your tool
Public shaming
Rules
DNX Filter
Detection Rate


Taught by

DefCamp

Related Courses

The Model of Post-Quantum Signature Using Verkle Tree - DefCamp - 2022
DefCamp via YouTube
The Anatomy of Wiper Malware - DefCamp - 2022
DefCamp via YouTube
Internet Balkanization in an Era of Military Conflict - Dan Demeter - DefCamp - 2022
DefCamp via YouTube
How We Analyzed and Built an Exploit PoC for CVE-2022-24086, a Magento RCE - Catalin Filip - DefCamp - 2022
DefCamp via YouTube
To Log, or Not to Log! That Is the Question - DefCamp - 2022
DefCamp via YouTube