tien phan malware manipulation 2019 08 26 2
play

Tien Phan Malware Manipulation 2019-08-26 2 Pokemon Fusion Con - - PowerPoint PPT Presentation

Nov 13, 2022 •322 likes •555 views

Tien Phan Malware Manipulation 2019-08-26 2 Pokemon Fusion Con - Fusion Malicious Malware + = Softicious X Software Tien Phan Malware Manipulation 2019-08-26 3 Reverse Engineering More time consuming Dynamic Analysis

  2. Tien Phan Malware Manipulation 2019-08-26 2

  3. Pokemon Fusion Con - Fusion Malicious Malware ✔ + = Softicious X Software Tien Phan Malware Manipulation 2019-08-26 3

  4. Reverse Engineering More time consuming Dynamic Analysis Static Analysis Fully Automated Sandbox Tien Phan Malware Manipulation 2019-08-26 4

  5. Automated Sandbox supports Malware Dynamic Manipulation Analysis Reverse Engineering Tien Phan Malware Manipulation 2019-08-26 5

  6. More clues Malware Malware manipulation Analysis Further manipulation Tien Phan Malware Manipulation 2019-08-26 6

  7. Tien Phan Malware Manipulation 2019-08-26 7

  8. Queries iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea[.]com Wannacry Unregistered domain https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html Tien Phan Malware Manipulation 2019-08-26 8

  9. Tien Phan Malware Manipulation 2019-08-26 9

  10. New signatures 10 8 6 4 2 0 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug 2016 2017 2018 2019 Tien Phan Malware Manipulation 2019-08-26 10

  11. Tien Phan Malware Manipulation 2019-08-26 11

  12. ComputerName = xxxx& Domain = xxxx& Id = -1& LANSetting = Gateway = xxx.xxx.xxx.xxx& IP = xxx.xxx.xxx.xxx& SubnetMask = xxx.xxx.xxx.xxx& Object = LANSetting;& LoaderType = 0& OSArch = 1& OSType = 0& OSVer = xxxx& UserName = xxxx& Object = ClientInformation Tien Phan Malware Manipulation 2019-08-26 12

  13. Tien Phan Malware Manipulation 2019-08-26 13

  14. Tien Phan Malware Manipulation 2019-08-26 14

  15. C2 URI Description /cl_client_online.php POST harvested system information /cl_client_cmd.php GET C2 command /cl_client_cmd_res.php POST C2 command result /cl_client_logs.php POST log Tien Phan Malware Manipulation 2019-08-26 15

  16. Exploit CVE-2019-3396 Confluence Server Drop Grand Crab 5.2 Mr. Black Backdoor Attackers Mr. Black Grand Crab 5.2 CVE-2019-3396 Tien Phan Malware Manipulation 2019-08-26 16

  17. Tien Phan Malware Manipulation 2019-08-26 17

  18. Tien Phan Malware Manipulation 2019-08-26 18

  19. Tien Phan Malware Manipulation 2019-08-26 19

  20. Tien Phan Malware Manipulation 2019-08-26 20

  21. Tien Phan Malware Manipulation 2019-08-26 21

  22. 2019-08-26 22 Tiean Phan Malware Manipulation

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1. gate to Camp Tien Sha 2. view of Camp Tien Sha from Monkey Mountain 3. street level view in

1. gate to Camp Tien Sha 2. view of Camp Tien Sha from Monkey Mountain 3. street level view in

1. gate to Camp Tien Sha 2. view of Camp Tien Sha from Monkey Mountain 3. street level view in Camp Tien Sha 4. interior shot with temp stored cargo 5. LST offload ramps, staging area and DeLong pier 6. Army pontoon ferry needed when the

515 views • 17 slides
Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware virus trojan horse etc. and how do we fight it? AV software Firewalls Filtering Patching Writing more secure software

568 views • 22 slides
Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware virus trojan horse etc. and how do we fight it? AV software Firewalls Filtering Patching Writing more secure software

540 views • 42 slides
Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the explosive growth of mobile device market and usage, there is an increasing number of malicious mobile applications targeting these devices and

819 views • 44 slides
Extracting Linked Data from statistic spreadsheets Tien-Duc Cao tien-duc.cao@inria.fr Ioana

Extracting Linked Data from statistic spreadsheets Tien-Duc Cao tien-duc.cao@inria.fr Ioana

Extracting Linked Data from statistic spreadsheets Tien-Duc Cao tien-duc.cao@inria.fr Ioana Manolescu ioana.manolescu@inria.fr Xavier Tannier xtannier@limsi.fr Semantic Big Data workshop, Chicago, May 19th, 2017 Agenda 1. Context: data

491 views • 19 slides
Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis Paul Royal

Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis Paul Royal

Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis Paul Royal paul@gtisc.gatech.edu Agenda Modern Malware Obfuscations, Server-side Polymorphism, Collection Volume Malware Analysis Detection

504 views • 27 slides
Getting started with malware analysis Judith van Stegeren Definitions Malware : any software that

Getting started with malware analysis Judith van Stegeren Definitions Malware : any software that

Getting started with malware analysis Judith van Stegeren Definitions Malware : any software that does something that causes harm to a user, computer or network, including viruses, trojan horses, worms, rootkits, scareware and spyware. Malware

119 views • 9 slides
Workshop 2.4: Data manipulation Murray Logan 10 Mar 2019 Section 1 Data manipulation

Workshop 2.4: Data manipulation Murray Logan 10 Mar 2019 Section 1 Data manipulation

Workshop 2.4: Data manipulation Murray Logan 10 Mar 2019 Section 1 Data manipulation rename(,replace=) colnames() subset(,subset=,select=) revalue(,replace=) select(,...) recode() order() factor(,lab=) arrange() factor(,levels=)

1.5k views • 122 slides
GOODWARE DRUGS FOR MALWARE: ON-THE-FLY MALWARE ANALYSIS AND CONTAINMENT DAMIANO BOLZONI

GOODWARE DRUGS FOR MALWARE: ON-THE-FLY MALWARE ANALYSIS AND CONTAINMENT DAMIANO BOLZONI

GOODWARE DRUGS FOR MALWARE: ON-THE-FLY MALWARE ANALYSIS AND CONTAINMENT DAMIANO BOLZONI CHRISTIAAN SCHADE TWENTE SECURITY LAB UNIVERSITY OF TWENTE THE NETHERLANDS AGENDA Something about malware Malware internals Current analysis

398 views • 27 slides
A CUCKOOS EGG IN THE MALWARE NEST ON-THE-FLY SIGNATURE-LESS MALWARE ANALYSIS, DETECTION AND

A CUCKOOS EGG IN THE MALWARE NEST ON-THE-FLY SIGNATURE-LESS MALWARE ANALYSIS, DETECTION AND

A CUCKOOS EGG IN THE MALWARE NEST ON-THE-FLY SIGNATURE-LESS MALWARE ANALYSIS, DETECTION AND CONTAINMENT FOR LARGE NETWORKS CHRISTIAAN SCHADE TWENTE SECURITY LAB UNIVERSITY OF TWENTE THE NETHERLANDS MALWARE WARS In the last

313 views • 14 slides
Malware Halting 1. Malware 2. Software diversity Part I: Method Development 3. Computer

Malware Halting 1. Malware 2. Software diversity Part I: Method Development 3. Computer

Overview Malware Halting 1. Malware 2. Software diversity Part I: Method Development 3. Computer immunization Kjell Jrgen Hole Simula@UiB 4. Epidemiological model 5. Malware halting analysis 6. Malware halting method Last updated

672 views • 29 slides
5. Storage and Manipulation Foundations of XML Data of SSD Manipulation Shamelessly

5. Storage and Manipulation Foundations of XML Data of SSD Manipulation Shamelessly

5. Storage and Manipulation Foundations of XML Data of SSD Manipulation Shamelessly inspired by Ioana Manolescu tutorial Giorgio Ghelli The problem Classifying stores Consider the queries Essential criteria: $doc //

465 views • 8 slides
How does Malware Use RDTSC? A Study on Operations Executed by Malware with CPU Cycle Measurement

How does Malware Use RDTSC? A Study on Operations Executed by Malware with CPU Cycle Measurement

How does Malware Use RDTSC? A Study on Operations Executed by Malware with CPU Cycle Measurement Yoshihiro Oyama University of Tsukuba 1 Background Many malware programs execute operations for analysis evasion Detection of

346 views • 31 slides
Priority queue Binary heap March 06, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 1 REMINDER

Priority queue Binary heap March 06, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 1 REMINDER

Priority queue Binary heap March 06, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 1 REMINDER Section 201 midterm is in WOOD 2 19:00 21:00 March 06, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 2 Priority queues?

338 views • 23 slides
AD ADVANCE CED M MALWARE RE ALEXANDRE BORGES MALWARE AND SECURITY RESEARCHER THR THREATS

AD ADVANCE CED M MALWARE RE ALEXANDRE BORGES MALWARE AND SECURITY RESEARCHER THR THREATS

AD ADVANCE CED M MALWARE RE ALEXANDRE BORGES MALWARE AND SECURITY RESEARCHER THR THREATS NO HAT 2019 (Bergamo / IT ITALY) by y Alexandre Bor Borges 1 NO HAT 2019 (BERGAMO / ITALY) Agenda: In Intr troductio ion Anti

1.45k views • 105 slides
C++ Memory Pointers and joy! January 07, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 1

C++ Memory Pointers and joy! January 07, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 1

C++ Memory Pointers and joy! January 07, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 1 Announcements HW1 corrections please check pinned Piazza post Gradescope registrations will start today check your ugrad e-mail for

562 views • 20 slides
Video Streaming via ad-hoc Network Group 5 Ali Karaduman Mehmet Kopan Onur zbek M.Burak enol

Video Streaming via ad-hoc Network Group 5 Ali Karaduman Mehmet Kopan Onur zbek M.Burak enol

EE436 CS422 Wireless Networking Technologies and Aplications Video Streaming via ad-hoc Network Group 5 Ali Karaduman Mehmet Kopan Onur zbek M.Burak enol Instructors Ezhan Karaan & brahim Krpeolu 22/04/2010 Introduction to

108 views • 9 slides
Windows Server 2008 Training Vijay Bhalerao BCS, MCM, CISA, DCL,MCTS, ISO 27001 LA

Windows Server 2008 Training Vijay Bhalerao BCS, MCM, CISA, DCL,MCTS, ISO 27001 LA

Windows Server 2008 Training Vijay Bhalerao BCS, MCM, CISA, DCL,MCTS, ISO 27001 LA univijay@unisoftpune.com 1 Windows Server 2008 Course Contents Day - 1 Day - 2 Server Components Group Policies Windows 2008 Server Series

691 views • 34 slides
Configuration DB Status report Lana Abadie Contents Objectives & requirements

Configuration DB Status report Lana Abadie Contents Objectives & requirements

Configuration DB Status report Lana Abadie Contents Objectives & requirements (reminder) TFC project status DAQ project (in progress) Routing tables : use case Modeling the network with tables (1/2) Routing table

460 views • 12 slides
Dont Lose Sleep Over Availability The GreenUp Decentralized Wakeup Service Siddhartha Sen,

Dont Lose Sleep Over Availability The GreenUp Decentralized Wakeup Service Siddhartha Sen,

Dont Lose Sleep Over Availability The GreenUp Decentralized Wakeup Service Siddhartha Sen, Jacob R. Lorch, Richard Hughes, Carlos Garcia Jurado Suarez, Brian Zill, Weverton Cordeiro, and Jitendra Padhy Presentation: Kamil Yurtsever Context

445 views • 13 slides
Basis konfiguration af ESXi via PowerCLI Mads Fog Albrechtslund vExpert 2014, PernixPro og

Basis konfiguration af ESXi via PowerCLI Mads Fog Albrechtslund vExpert 2014, PernixPro og

Basis konfiguration af ESXi via PowerCLI Mads Fog Albrechtslund vExpert 2014, PernixPro og Veeam Technical Expert 2014 Konsulent, Businessmann A/S Twitter: @Hazenet 1 Hvad skal konfigureres? DNS Default Gateway Search

281 views • 17 slides
Mesh Network Information ArrowSpan Wireless Mesh Network Solutions (China) Sept 2007 1

Mesh Network Information ArrowSpan Wireless Mesh Network Solutions (China) Sept 2007 1

Mesh Network Information ArrowSpan Wireless Mesh Network Solutions (China) Sept 2007 1 Wireless Mesh Network Application Most cost-effective private wireless network Most Cost effective technology Fast Return on Investment Fast

489 views • 14 slides
Partners and Key figures Call/Topic : LCE 72014: Distribution grid and retail market Duration:

Partners and Key figures Call/Topic : LCE 72014: Distribution grid and retail market Duration:

Real proven solutions to enable active demand and distributed generation flexible integration, through a fully controllable LOW Voltage and medium voltage distribution grid Project general presentation The UPGRID Consortium This project has

233 views • 22 slides
Two term-layers: An Alternative topology for representing term relationships in the Bayesian

Two term-layers: An Alternative topology for representing term relationships in the Bayesian

Two term-layers: An Alternative topology for representing term relationships in the Bayesian Network Retrieval Model Luis M. de Campos , Juan M. Fern andez-Luna , & Juan F. Huete Departamento de Ciencias de la

812 views • 31 slides

More recommend