Interesting Malware - No, I’m Not Kidding
Offered By: Cooper via YouTube
Course Description
Overview
Explore the intricacies of an unusual malware family dubbed "CheshireCat" in this 45-minute conference talk from Hack.lu 2016. Delve into the implementation traits, stealth tactics, and unique functionalities of this long-running malware operation, active since 2002. Examine the retro coding style and functional obfuscation techniques that make CheshireCat stand out. Learn about its support for outdated systems, dial-up connections, and peculiar executable header checks. Discover how this dedicated malware has managed to stay under the radar for over a decade, potentially targeting specialized networks. Follow the presenter's analysis of different implant versions, browser injection methods, keylogging techniques, and file system enumeration. Gain insights into the malware's structure, function arrays, and anti-detection mechanisms. Compare CheshireCat to other malware families and draw conclusions about its significance in the cybersecurity landscape.
Syllabus
Introduction
Implant 2002
Implant 20072011
Binary structure
Browser injection
Keylogging
File System Enumeration
Function arrays
Lewis Carroll quote
Hiding from antivirus
Recap
Sketch
Comparison
Conclusion
Taught by
Cooper
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network