Evasion Tactics in Malware from the Inside Out

Posted on March 06, 2019 in Presentations

Authors of malicious code employ clever tactics to get around security tools such as analysis sandboxes and antivirus products. This hands-on lab explores such techniques by looking at real-world samples with the help of a debugger, so you can better understand evasion mechanisms and learn how to examine them on your own. Participants must bring a laptop with a VM set up according to the instructions they’ll receive prior to this session. Prior experience with malware analysis is not required.

Learning Objectives:
1: Clearly understand how malware authors implement evasion tactics in their code.
2: Learn how to spot and examine evasion techniques by analyzing malware using a debugger.
3: Understand how to draw conclusions from malicious code analysis to fortify anti-malware defenses.

Pre-Requisites:
General understanding of Microsoft Windows architecture that involves the use of API calls for environmental interactions. General understanding of programming concepts such as if-else statements and function calls. General understanding of anti-malware technologies, such as antivirus tools and automated analysis sandboxes.

Access This and Other RSAC™ Conference Presentations with Your Free RSAC Membership

Your RSAC™ Membership also includes AI-powered summaries, mind maps, and slides for Conference presentations, Group Discussions with experts, and more.

Watch Now >>

View More Presentations

Top-Rated Sessions from RSAC 2026 now on demand. Explore Now.

Evasion Tactics in Malware from the Inside Out

Participants

James Tarala

Kelli Tarala

John TerBush

Johannes Ullrich

Lenny Zeltser