Description: https://www.defcon.org/images/defcon-16/dc16-presentations/defcon-16-ligh-sinclair.pdf https://www.defcon.org/images/defcon-16/dc16-presentations/ligh-sinclair/ligh-sinclair-extras.zip This talk will focus on using a debugger to reverse engineer malware, with an emphasis on building decryption tools for credential recovery and command/control (c&c) inspection. Most modern-day trojans exhibit cryptography, or just home-grown obfuscation techniques, to prevent analysis of the stolen data or c&c protocol. This presentation will show how to script the debugger such that it leverages the trojan's own internal functions to decrypt information of the researcher's choice. The concepts will be demonstrated using current threats such as Feebs, Silent Banker, CoreFlood, Torpig/MBR, Kraken, Prg/Zeus, and Laqma.
Tags: securitytube, defcon, def con, hacking, hackers, information security, convention, computer security, DC 16, Defcon 16, dc-16
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.