Evasion Tactics in Malware from the Inside Out

Closed captioning will be available in English and Japanese for all keynotes and RSAC track sessions.
Please note: All times are in SGT.
REGISTER NOW
  1. Moscone West

Authors of malicious code employ clever tactics to get around security tools such as analysis sandboxes and antivirus products. This hands-on lab explores such techniques by looking at real-world samples with the help of a debugger, so you can better understand evasion mechanisms and learn how to examine them on your own. Participants must bring a laptop with a VM set up according to the instructions they’ll receive prior to this session. Prior experience with malware analysis is not required.

Learning Objectives:
1: Clearly understand how malware authors implement evasion tactics in their code.
2: Learn how to spot and examine evasion techniques by analyzing malware using a debugger.
3: Understand how to draw conclusions from malicious code analysis to fortify anti-malware defenses.

Pre-Requisites:
General understanding of Microsoft Windows architecture that involves the use of API calls for environmental interactions. General understanding of programming concepts such as if-else statements and function calls. General understanding of anti-malware technologies, such as antivirus tools and automated analysis sandboxes.

Download pdf
Participants: