Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Bringing the Power of Symbolic Execution to the Fight Against Malicious Excel 4 Macros

Black Hat via YouTube

Overview

Explore a 35-minute Black Hat conference presentation on Symbexcel, a new tool implementing Symbolic Execution for Excel 4.0 macros. Dive into the world of cybersecurity as experts Giovanni Vigna, Nicola Ruaro, Fabio Pagani, and Stefano Ortolani discuss how this innovative approach combats malicious macros. Learn about the challenges in detecting these attack vectors, the limitations of current security measures, and how Symbexcel's plugins support the analysis of highly obfuscated and evasive samples. Gain insights into Excel 4 macro functionality, evasion techniques, and the principles of Symbolic Execution. Discover the tool's architecture, including its loader, simulation manager, and step function. Understand the importance of deobfuscating malicious samples and evaluate the effectiveness of this cutting-edge cybersecurity solution.

Syllabus

Introduction
Excel 4 Macros
How they work
Mouse and Audio
Evasion
Char Function
Register Function
Symbolic Execution Example
Introduction to Symbolic Execution
Concrete Analysis
Concrete Analysis Problem
Architecture
Loader
Simulation Manager
Environment and constraints
Step function
Examples
Malicious Excel sample analysis
Why deobfuscate a sample
Evaluation
Conclusion

Taught by

Black Hat

Reviews

Start your review of Bringing the Power of Symbolic Execution to the Fight Against Malicious Excel 4 Macros

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.