Thwarting Malware Analysis: Integrating Established and Novel Techniques

Retour à la liste des conférenciers et sessions
Écoutez la diffusion

An important part of red teaming is developing custom payloads, since using anything public without in-depth customization will get your operation burned in a second. After spending countless hours crafting those precious master pieces, one of the main priorities of the red team and threat actors is to protect them from prying eyes (SOC analysts, forensic investigators or security researchers)

This talk will go over established techniques used to prevent analysis. In addition, three anti-copy techniques used by OKIOK’s red team in real engagement will be covered with proof-of-concept releases and detection opportunities. These techniques propose new ways of circumventing the weaknesses of the established ones.