One Packer to Rule Them All
Offered By: BruCON Security Conference via YouTube
Course Description
Overview
Explore a comprehensive conference talk that delves into the effectiveness of popular antivirus solutions against unknown and obfuscated malware. Discover empirically-derived results revealing the varying implementations of detection methods across different products, highlighting the disparity between x86 and x64 malware detection capabilities. Learn about the three main stages of malware detection: static detection, code emulation detection, and runtime detection. Gain insights into new generic evasion techniques for each stage, implemented through an advanced, dedicated packer. Examine two novel packing methods developed to evade antivirus detection. Understand how combining multiple evasion techniques can render high-detection-rate malicious executables completely undetectable by antivirus products.
Syllabus
BruCON 0x06 - One packer to rule them all - Arne Swinnen & Alaeddine Mesbahi
Taught by
BruCON Security Conference
Related Courses
Being a Cyberdefender - Behind the CurtainsBruCON Security Conference via YouTube Bypassing Microsoft Defender for Identity
BruCON Security Conference via YouTube A Black-Box Security Evaluation of the SpaceX Starlink User Terminal
BruCON Security Conference via YouTube Android Malware Targeting Belgian Financial Apps
BruCON Security Conference via YouTube Chasing the White Whale of Malware
BruCON Security Conference via YouTube