Explore automated malware analysis techniques for threat intelligence in this 45-minute conference talk from BSides Augusta 2016. Delve into the Lockheed Martin kill chain, learn about tools like Neutrino and Tequila Boom Boom, and discover how to leverage Yara rules, VTI notifications, and the Viper API. Examine command and control structures, identify patterns in malicious activities, and understand pivoting strategies. Gain insights into the world of cybercriminals and coincidences in their operations, while enhancing your ability to detect and respond to emerging threats.
Overview
Syllabus
Intro
What is malware analysis
Lockheed Martin kill chain
Automating malware analysis
My research
What does Neutrino do
What is Tequila Boom Boom
Command and Control
Yana Rules
Vti Notification
Python Code
Viper API
The Bad Guys
Coincidences
Multiple Patterns
C2 Clusters
Funsies
Pivoting
Questions
