Fileless Malware - The New Cyber Threat

via YouTube

Overview

Explore the world of fileless malware in this 42-minute conference talk from DerbyCon 7 (2017). Delve into the history, types, and stages of fileless malware infections, including delivery, execution, and persistence mechanisms. Examine interesting execution and persistence techniques, and analyze a real-world TrickBot campaign. Learn about password-protected Word documents, Poweliks delivery and persistence, DNS forwarding, PowerShell usage, and command retrieval. Gain insights into command and control structures, and discover defensive strategies against this evolving cyber threat.

Syllabus

Intro
Why This Talk?
Fileless Malware - A Brief History
Types of "Fileless" Malware
Stages of A Malware Infection
Malware: Droppers vs. Payloads
Delivery Stage
Execution Stage
Interesting Execution Mechanisms
Persistence Stage
Common Persistence Mechanisms
Interesting Persistence Mechanisms
Example TrickBot Campaign
Password-Protected Word Doc
Payload - TrickBot
Poweliks - Delivery
Poweliks - Persistence
Normal DNS Forwarding
Stage 2 - Persistence for Stage 3?
Stage 2 - PowerShell
Stage 4 - Command Retrieval
Command & Control
Stage 4 - Command Output
Fileless Malware - Defense
