Overview
Explore techniques used by advanced malware and APTs to evade automated analysis systems (AAS) in this Black Hat USA 2013 conference talk. Examine real-world examples like Khelios botnet, Trojan Nap, Poison IVY, UpClicker, PushDo, and Trojan Hastati, focusing on their evasion methods such as extended sleep calls, mouse click triggers, and timed activation. Gain insights into an exhaustive list of anti-evasion techniques, APIs, and code segments employed by sophisticated malware. Witness live demonstrations of recent anti-analysis techniques. Delve into an in-depth technical analysis of current AAS technologies, comparing their effectiveness against these evasions. Understand the architectural decomposition of automated analysis systems, their advantages, limitations, and the rapid evolution of Anti-AAS techniques. Discuss potential future vectors sophisticated malware may use to target AAS.
Syllabus
Black Hat USA 2013 - Hot Knives Through Butter: Bypassing Automated Analysis Systems
Taught by
Black Hat