Explore an automated platform for Mac malware hunting in this 18-minute Black Hat conference talk. Delve into the growing threat of macOS malware and the need for advanced analysis techniques. Learn about Mac-A-Mal, a system for behavioral monitoring at the kernel level that extends current capabilities. Discover how this tool performs static and dynamic analysis, supports various sample types, and detects evasion techniques. Gain insights into large-scale malware hunting, the evolution of macOS malware, and the importance of kernel-space monitoring in combating emerging threats.
Mac-A-Mal - An Automated Platform for Mac Malware Hunting
Overview
Syllabus
Intro
Malware analysis for macOS
Mac-A-Mal static analysis
Mac-A-Mal dynamic analysis
Any sample types are supported
Kernel-space monitor
Detect evasion techniques & mitigation
(no) Human Interaction
OSX/Mughthesec
On large scale
macOS malware evolution
Summary
Taught by
Black Hat
Related Courses
-
Full System Emulation - Achieving Successful Automated Dynamic Analysis of Evasive Malware
-
Catch Me If You Can - A Decade of Evasive Malware Attack and Defense
-
Exploring the Target Exfiltration Malware with Sandbox Tools
-
Slime - Automated Anti-Sandboxing Disarmament System
-
Flowers for Automated Malware Analysis
-
Automating Linux Malware Analysis Using Limon Sandbox
