
AVLeak - Fingerprinting Antivirus Emulators for Advanced Malware Evasion

Black Hat via YouTube

Overview

Explore AVLeak, a powerful tool for fingerprinting consumer antivirus emulators through automated black box testing, in this 28-minute Black Hat conference talk. Learn how to extract fingerprints from AV emulators that malware can use to detect analysis and evade detection. Discover various fingerprinting techniques, including environmental artifacts, OS API behavioral inconsistencies, network connectivity emulation, timing inconsistencies, process introspection, and CPU emulator "red pills." Witness a live demonstration of AVLeak, showcasing real-world fingerprints that can detect and evade popular consumer AVs like Kaspersky, Bitdefender, AVG, and VBA. Gain insights into this comprehensive examination of emulation detection methods, advancing beyond traditional binary reverse engineering and time-consuming black box testing approaches.

Syllabus

AVLeak: Fingerprinting Antivirus Emulators for Advanced Malware Evasion

Taught by

Black Hat
