Fileless Malware - The New Cyber Threat
Offered By: YouTube
Course Description
Overview
Explore the world of fileless malware in this 42-minute conference talk from DerbyCon 7 (2017). Delve into the history, types, and stages of fileless malware infections, including delivery, execution, and persistence mechanisms. Examine interesting execution and persistence techniques, and analyze a real-world TrickBot campaign. Learn about password-protected Word documents, Poweliks delivery and persistence, DNS forwarding, PowerShell usage, and command retrieval. Gain insights into command and control structures, and discover defensive strategies against this evolving cyber threat.
Syllabus
Intro
Why This Talk?
Fileless Malware - A Brief History
Types of "Fileless" Malware
Stages of A Malware Infection
Malware: Droppers vs. Payloads
Delivery Stage
Execution Stage
Interesting Execution Mechanisms
Persistence Stage
Common Persistence Mechanisms
Interesting Persistence Mechanisms
Example TrickBot Campaign
Password Protected Word Doc
Payload - TrickBot
Poweliks - Delivery
Poweliks - Persistence
Normal DNS Forwarding
Stage 2 - Persistence for Stage 3?
Stage 2 - PowerShell
Stage 4 - Command Retrieval
Command & Control
Stage 4 - Command Output
Fileless Malware - Defense