Tyler Hudak discusses malware analysis

BrakeSec Education Podcast

English - December 08, 2014 01:21 - 39 minutes - 27.1 MB - ★★★★★ - 98 ratings
Tech News News Technology cisa cissp legal pentesting podcasts application compliance computersecurity cybersecurity education Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed

Previous Episode: Part 2 w/ Ben Donnelly -- Introducing Ball and Chain (making password breaches a thing of the past)

Next Episode: Tyler Hudak (@secshoggoth) Discusses incident respose, and DIY malware research

Tyler Hudak (@secshoggoth) came to discuss with us the process of doing analysis on malware binaries. We talk about MASTIFF, his malware framework. We also discuss how to gain information from malware program headers, and some software that is used to safely analyze it.

Helpful Links:

Ida Pro: https://www.hex-rays.com/products/ida/

Process Monitor - http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx

Mastiff White Paper: http://digital-forensics.sans.org/blog/2013/05/07/mastiff-for-auto-static-malware-analysis

Mastiff latest: http://sourceforge.net/projects/mastiff/files/mastiff/0.6.0/

cuckoo sandbox: www.cuckoosandbox.org

Anubis: https://anubis.iseclab.org/

PE Headers: http://en.wikipedia.org/wiki/Portable_Executable

ELF: http://fr.wikipedia.org/wiki/Executable_and_Linkable_Format

REMnux- reverse engineering linux distro:https://remnux.org/

Inetsim: http://www.inetsim.org/

Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0
http://creativecommons.org/licenses/by/3.0/