Chasing the White Whale of Malware

Offered By: BruCON Security Conference via YouTube

Tags

BruCON Courses, Reverse Engineering Courses, Malware Analysis Courses

Course Description

Overview

Explore the challenges and techniques of identifying operational technology (OT) malware in this 55-minute conference talk from BruCON Security Conference. Dive into the world of "white whale" malware samples that target physical infrastructure and industrial processes. Learn about the unique difficulties in detecting OT malware using common analysis methods and automated solutions. Discover simple techniques for filtering and analyzing OT binaries without advanced reverse engineering skills, including static strings analysis, memory string examination, function analysis, and import hashing. Follow along as the speakers use Modbus samples to demonstrate successes and failures in the initial analysis steps. Gain insights into recognizing interesting OT samples and take your first steps towards identifying potentially dangerous malware targeting operational technologies.

Syllabus

Introduction
Trident
Excitement
Why are we not finding it
Start the search
What are you looking for
Sources
Tests
Strings
Functions of Interest
Reverse Engineering
Fuzzy Hash
Induct
Device probes
Network device probes
Results


Taught by

BruCON Security Conference
