Reverse Engineering For Threat Intelligence — Vishal Thakur
Aug 11, 2019
BSides Bristol 2019
In this presentation, we focus on reverse engineering malware for the sole purpose of gathering intelligence. We dive into some real malware (it's BSides, where else!) and extract information that we then use to build profiles. These are based on code, C2i and TTPs. We look into some highly successful malware families (TrickBot, Emotet) and some not-so-common malware samples. Specifically, I will share some tips and tricks for identifying code reuse, extracting C2 information from binaries super-fast, and expanding our findings to gather in-the-wild information on the MalActors.
Watch the video here: