Blackhoodie at NorthSec 2022 - Getting cosy with Malware Static Analysis

This workshop is intended to show how exploring the world of Windows malware through the "eyes" of static analysis can actually be a really fun thing! The participants will go over the life cycle of malware by statically analyzing some real malware and learning how to read and understand the intention behind a piece of code.

This training is free and for women only as per Blackhoodie standards. It will be held in two 2-hour sessions on consecutive days and has a cap of 10 participants. Registration: reach out to outreach@nsec.io.

Following Blackhoodie's guidelines regarding COVID, we require proof of vaccination, and attendees must wear masks during the workshop.

Topics that will be covered:
  • Understanding the PE file format
  • Using disassemblers like Ghidra or IDA
  • Recognizing some common malware routines (tricks used to stay persistent, obfuscation, etc.)

If time permits, there will be a chance to learn how to use scripts to augment static analysis and make it easier.

Pre-requisites/assumed knowledge:
  • Comfortable with x86 assembly language.
  • Comfortable with some programming languages.
  • Some knowledge of how a CPU works.
  • Machine with VMs installed (instructions will be emailed before the workshop).