I'm Cuckoo for Malware: Cuckoo Sandbox and Dynamic Malware Analysis

via YouTube

Overview

Explore dynamic malware analysis techniques and the Cuckoo Sandbox in this 50-minute conference talk from BSides NoVa 2017. Delve into the architecture challenges, functionality, and features of Cuckoo Sandbox, including its distributions and forks. Learn about analysis packages, submission options, and various analysis pages such as static, behavioral, and network analysis. Discover indicators for sandbox detection and countermeasures against anti-analysis techniques. Examine real-world malware examples like MBLCTR.EXE and Loader.exe, and gain insights into useful resources for further learning in the field of malware analysis.

Syllabus

Intro
Agenda
What is Dynamic Malware Analysis?
But what does the program actually do?
(Re)introducing Dynamic Analysis - Why?!
Architecture Challenges
How does it work?
To summarize...
Cuckoo Distributions
Cuckoo Forks Unique Features
Cuckoo Features
Comparison
Analysis Packages
Submission Options
Overview Page
Static Analysis Page
Behavioral Analysis Page
Network Analysis Page
Dropped Files Page
Additional Pages
Indicators for Sandbox/Analysis
Detection Countermeasures
Verify your Anti-Anti-Countermeasures!
Other Challenges
One Last Note on VMs
Let's Look at Malware!
MBLCTR.EXE
Loader.exe (26)
Useful Resources
Questions?
