Felipe Duarte
Lead CTI Specialist - Lumu Technologies
@dark0pcodes
Disclaimer

All the opinions described in this talk are mine only and they do not represent my employer or any other third party.
About me

Late night Python programmer really passionate about reverse engineering malware and sharing knowledge with the infosec community.
Malware Analysis

What is your motivation?

The Art of War

“If you know the enemy and know yourself, you need not fear the result of a hundred battles.”
Sun Tzu
The Cyber War

How could we defend ourselves?
The Cyber War

• My AV/EDR/IDS/Firewall is the best.
• If I don’t see the attack it is not happening.
• I just remove the threat, that is enough.
The Cyber War

Alan Turing and his team managed to break the cryptographic code of the Enigma Machine, helping the Allies intercept Nazi messages and defeat them in many crucial battles.

It has been estimated that this work saved over 14 million lives.

The Enigma Machine
The Strategy

A cycle of five steps: Recollect, Prioritize, Analyze, Automate, Improve.


Brainstorming

• Unpacking
• Automation
• YARA
• Configuration extractor
Brainstorming - Malware Tracker

FAME (https://certsocietegenerale.github.io/fame/)
Assembly Line (https://cyber.gc.ca/en/assemblyline)

Diagram components: malware samples, config extraction, network emulation, unpac.me, modules, active C2Cs, binary updates.
Brainstorming - Malware Analyzer

FAME (https://certsocietegenerale.github.io/fame/)
Assembly Line (https://cyber.gc.ca/en/assemblyline)

Diagram components: malware samples, unpacking (Unpac.me), config extraction (Intezer), YARA, sandboxes, threat intel platform (YETI, MISP, ThreatConnect).
You are not alone

https://github.com/ctxis/CAPE
https://github.com/JPCERTCC/MalConfScan
https://github.com/kevthehermit/RATDecoders
Malware Analysis

What is your motivation?
The Cyber War

Will we win this war?

Q&A
Contact me

Felipe Duarte
Lead CTI Specialist - Lumu Technologies
@dark0pcodes (Twitter and GitHub)