Overview
Syllabus
Intro
Agenda
What is Dynamic Malware Analysis?
But what does the program actually do?
(Re)introducing Dynamic Analysis - Why?!
Architecture Challenges
How does it work?
To summarize...
Cuckoo Distributions
Cuckoo Forks Unique Features
Cuckoo Features
Comparison
Analysis Packages
Submission Options
Overview Page
Static Analysis Page
Behavioral Analysis Page
Network Analysis Page
Dropped Files Page
Additional Pages
Indicators for Sandbox/Analysis
Detection Countermeasures
Verify your Anti-Anti-Countermeasures!
Other Challenges
One Last Note on VMS
Let's Look at Malware!
MBLCTR.EXE
Loader.exe (26)
Useful Resources
Questions?