Posts in category Malware Analysis

SX 4th meetup – Hunting Rootkit From the Dark Corners Of Memory
In this awesome presentation, Monnappa explained the concept of rootkits, the types of rootkits, and memory forensics. He demonstrated various stealth techniques used by the TDSS rootkit and showed how to identify its presence and understand its capabilities and functionality using memory forensics. [...]

SX 4th Meetup – Return Address – The silver bullet
In this awesome presentation, Amit Malik discussed the importance of the return address in solving some of the problems related to the analysis and detection of malicious code.

SecurityXploded 3rd Quarterly Meetup – 24th Jan 2015
Here is a quick update and the presentations from our recently concluded third ‘SecurityXploded Cyber Security Quarterly Meetup’. In this meet, Sameer Patil delivered presentations on “Anatomy of Exploit Kits”, Satyam Saxena covered the topic on “Detecting the Malicious Url using Machine LearningR [...]

SX 3rd Meetup – Hunting Ghost RAT Using Memory Forensics
In this awesome presentation, Monnappa KA explained the details of the Ghost RAT malware used in various cyber espionage attacks. He showcased sandbox analysis, the traffic pattern, and decryption of Ghost RAT communications from a packet capture. He also demonstrated both manual and automated methods of detecting and decrypting the communication [...]

PE File Overview
PE stands for Portable Executable, the native file format for Win32. The Portable Executable file format is universal across all Win32 platforms. It is used by all Win32 executables, such as Control Panel applets (.CPL), 32-bit DLLs, COM files, .NET executables, and NT’s kernel-mode drivers. Note that VxDs (virtual device drivers) and 16-bit DLLs do not use PE f [...]

Announcing SecurityXploded 3rd Meetup – 24th Jan 2015, Bangalore, India
This is an announcement for the upcoming SecurityXploded community meetup on 24th January 2015 in Bangalore, India. This meet is completely free and doesn’t require any registration or any other formalities to attend. The meet will start at 10 AM IST.   After the meet, we will upload the presentations/videos for our online users t [...]

SecurityXploded 2nd Quarterly Meet – 27th Sep 2014
Here is a quick update and the presentations from our recently concluded second ‘SecurityXploded Quarterly Meet’. In this meet, Raghav Pande and Monnappa delivered fabulous presentations on reverse engineering the evasive tactics of advanced malware, and the SecurityXploded Team announced the launch of a new project [...]

SX 2nd Meetup – Reversing and Decrypting the Communications of APT Malware
In this awesome presentation, Monnappa explained the Etumbot malware used in a cyber espionage attack. He showcased sandbox analysis, reverse engineering, and decryption of the communications of the Etumbot backdoor using practical video demonstrations. [...]

SX Meetup 2 – Dissecting BetaBot
In this presentation, Raghav Pande explained the various self-defense mechanisms of BetaBot. He also presented the unpacking, hooking and injection methods of this malware using illustrative screenshots.

SecurityXploded 1st Quarterly Meet – 21st Jun 2014
Here is a quick update and the presentations from our recently concluded first-ever ‘SecurityXploded Quarterly Meet’. Our rocking stars, Amit Malik & Monnappa, delivered fabulous presentations on the detection and mitigation of advanced attacks emerging in the security arena. Here is the link to presentations and video dem [...]