Malware Analysis when you don't have time for Malware Analaysis

Presented at Kawaiicon 2 (2022) Rescheduled, July 1, 2022, 1:45 p.m. (30 minutes)

Something has been compromised, stress levels are at an all-time high, the CISO is quietly looking at seek. The incident response team are feverishly working through their detection, containment and elimination process but they have questions. Is this binary malware? Is it ransomware? Is there a C2? This talk will cover some of the quick and dirty malware analysis methods that can help the incident responders to make better decisions, without taking weeks.

Presenters:

• Adrian Hayes
  Adrian is part of Pulse Security and has been on the testing side of cyber security for probably too long. He has a passion for incident response where stress and chaos levels are at an all-time high. Based in Wellington, he has consulted on security for some of the largest and most well known organisations across New Zealand and internationally.

Links:

• https://kawaiicon.org/talks/malware-IR/

Similar Presentations:

• BSidesLV 2016 / Don't Repeat Yourself: Automating Malware Incident Response for Fun and Profit
• THOTCON 0x5 (2014) / Targeted Malware Final Form (APTrololol)
• DerbyCon 3.0 All in the Family (2013) / The Malware Management Framework, a process you can use to find advanced malware. We found WinNTI with it!