YoVDO

Indicators of Compromise - From Malware Analysis to Eradication

Offered By: 44CON Information Security Conference via YouTube

Tags

44CON Courses Cybersecurity Courses Network Security Courses Malware Analysis Courses Windows Internals Courses

Course Description

Overview

Learn to identify and eradicate malware in corporate networks using freely available tools in this 50-minute workshop. Explore techniques from locating unknown malware to analyzing samples and identifying indicators of compromise. Dive into advanced topics like Windows internals, debug object handling, thread hiding, process exploitation, anti-dumping techniques, and virtual machine detection. Gain practical skills in malware analysis, reverse engineering, and enterprise-wide threat mitigation through hands-on exercises and expert guidance.

Syllabus

Intro
About me
Malware Research Lab, 2012
How INT3 breakpoints work
Memory Breakpoints
Hardware breakpoints
Timing
Windows Internals
Debug Object Handle
Thread Hiding
Open Process
Parent Process
UnhandledExceptionFilter
Process Exploitation
Nanomites
Stolen Bytes (Stolen Code)
Virtual Machines (think JVM, not Box)
Guard Pages
Removing the PE Header
Anti-dumping
Exploiting IA-32 Instructions
Interrupt 2D
Stack Segment
Instruction Prefixes
Exploiting LA-32 Instructions
VM Detection
Debugger specific techniques
Other Techniques
Announcement


Taught by

44CON Information Security Conference

Related Courses

Supply Chain Unchained - How To Be A Bad SaaS
44CON Information Security Conference via YouTube Aviation Security 101
44CON Information Security Conference via YouTube The Anti-Checklist Manifesto
44CON Information Security Conference via YouTube Why Are We Still Doing Authentication Wrong?
44CON Information Security Conference via YouTube What Do Hackers See When They Look at the Clouds
44CON Information Security Conference via YouTube