Symposium sur la sécurité des technologies de l'information et des communications

French-language conference on information security.
It took place in Rennes from 4 to 6 June 2014.

Catch Me If You Can - A Compilation Of Recent Anti-Analysis In Malware

Marion Marschalek


Date: 04 June 2014 at 16:45 — 45 min.

Malware versus analyst has been an ongoing war for more than a decade. In a time where persistence is a vital part of any advanced threat, the art of evading detection, analysis and dissection is crucial. This talk aims to provide insight into some of the latest techniques spotted in in-the-wild malware on the everyday battlefield, including Upatre, Miuref and Citadel. The techniques presented range from breakpoint detection and heap structure abuse to full-blown Visual Basic crypters, along with adequate countermeasures to improve the analyst's chances in combat.