Overview
Explore dynamic malware analysis using Cuckoo Sandbox in this 42-minute conference talk from BSides Philly 2016. Delve into the differences between dynamic and static analysis, learn about smart assembly techniques, and discover how to analyze Word documents for potential threats. Gain insights into Cuckoo Sandbox's features, including its documentation, overview page, report page, behavior analysis, and network analysis capabilities. Understand how to normalize registry names, download PDF files, and read text files for thorough malware examination. Discover strategies to avoid malware, explore anti-malware themes, and learn about specific malware cases like Syria Malware. Examine execution trees, signatures, and loaded components, and understand concepts like WIC incursions, AutoHotkey, and reboot survival. Conclude with recommended resources and a Q&A session with the speaker, Lane Huff.
Syllabus
Intro
Dynamic Analysis
Static Analysis
Power on
Smart Assembly
Word Document
Cuckoo
Normalize Registry Names
Cuckoo Sandbox Documentation
Overview Page
Report Page
Behavior Analysis Page
Network Analysis Page
Download PDF File
Read Text File
Change Gears
Doctors are smart
A brief list
Avoid Malware
AntiMalware
Themes
Piece Amount
Syria Malware
Execution Tree
Signatures
LoadedWIC
Incursions
AutoHotkey
Reboot Survival
Recommended Resources
Q&A with Lane Huff