tien phan malware manipulation 2019 08 26 2
play

Tien Phan Malware Manipulation 2019-08-26 2 Pokemon Fusion Con - - PowerPoint PPT Presentation

Nov 13, 2022 •322 likes •555 views

Tien Phan Malware Manipulation 2019-08-26 2 Pokemon Fusion Con - Fusion Malicious Malware + = Softicious X Software Tien Phan Malware Manipulation 2019-08-26 3 Reverse Engineering More time consuming Dynamic Analysis

  2. Tien Phan Malware Manipulation 2019-08-26 2

  3. Pokemon Fusion Con - Fusion Malicious Malware ✔ + = Softicious X Software Tien Phan Malware Manipulation 2019-08-26 3

  4. Reverse Engineering More time consuming Dynamic Analysis Static Analysis Fully Automated Sandbox Tien Phan Malware Manipulation 2019-08-26 4

  5. Automated Sandbox supports Malware Dynamic Manipulation Analysis Reverse Engineering Tien Phan Malware Manipulation 2019-08-26 5

  6. More clues Malware Malware manipulation Analysis Further manipulation Tien Phan Malware Manipulation 2019-08-26 6

  7. Tien Phan Malware Manipulation 2019-08-26 7

  8. Queries iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea[.]com Wannacry Unregistered domain https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html Tien Phan Malware Manipulation 2019-08-26 8

  9. Tien Phan Malware Manipulation 2019-08-26 9

  10. New signatures 10 8 6 4 2 0 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug 2016 2017 2018 2019 Tien Phan Malware Manipulation 2019-08-26 10

  11. Tien Phan Malware Manipulation 2019-08-26 11

  12. ComputerName = xxxx& Domain = xxxx& Id = -1& LANSetting = Gateway = xxx.xxx.xxx.xxx& IP = xxx.xxx.xxx.xxx& SubnetMask = xxx.xxx.xxx.xxx& Object = LANSetting;& LoaderType = 0& OSArch = 1& OSType = 0& OSVer = xxxx& UserName = xxxx& Object = ClientInformation Tien Phan Malware Manipulation 2019-08-26 12

  13. Tien Phan Malware Manipulation 2019-08-26 13

  14. Tien Phan Malware Manipulation 2019-08-26 14

  15. C2 URI Description /cl_client_online.php POST harvested system information /cl_client_cmd.php GET C2 command /cl_client_cmd_res.php POST C2 command result /cl_client_logs.php POST log Tien Phan Malware Manipulation 2019-08-26 15

  16. Exploit CVE-2019-3396 Confluence Server Drop Grand Crab 5.2 Mr. Black Backdoor Attackers Mr. Black Grand Crab 5.2 CVE-2019-3396 Tien Phan Malware Manipulation 2019-08-26 16

  17. Tien Phan Malware Manipulation 2019-08-26 17

  18. Tien Phan Malware Manipulation 2019-08-26 18

  19. Tien Phan Malware Manipulation 2019-08-26 19

  20. Tien Phan Malware Manipulation 2019-08-26 20

  21. Tien Phan Malware Manipulation 2019-08-26 21

  22. 2019-08-26 22 Tiean Phan Malware Manipulation

Recommend

1. gate to Camp Tien Sha 2. view of Camp Tien Sha from Monkey Mountain 3. street level view in

1. gate to Camp Tien Sha 2. view of Camp Tien Sha from Monkey Mountain 3. street level view in

1. gate to Camp Tien Sha 2. view of Camp Tien Sha from Monkey Mountain 3. street level view in Camp Tien Sha 4. interior shot with temp stored cargo 5. LST offload ramps, staging area and DeLong pier 6. Army pontoon ferry needed when the

515 views • 17 slides
Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware virus trojan horse etc. and how do we fight it? AV software Firewalls Filtering Patching Writing more secure software

570 views • 22 slides
Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware virus trojan horse etc. and how do we fight it? AV software Firewalls Filtering Patching Writing more secure software

540 views • 42 slides
Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the explosive growth of mobile device market and usage, there is an increasing number of malicious mobile applications targeting these devices and

819 views • 44 slides
Extracting Linked Data from statistic spreadsheets Tien-Duc Cao tien-duc.cao@inria.fr Ioana

Extracting Linked Data from statistic spreadsheets Tien-Duc Cao tien-duc.cao@inria.fr Ioana

Extracting Linked Data from statistic spreadsheets Tien-Duc Cao tien-duc.cao@inria.fr Ioana Manolescu ioana.manolescu@inria.fr Xavier Tannier xtannier@limsi.fr Semantic Big Data workshop, Chicago, May 19th, 2017 Agenda 1. Context: data

491 views • 19 slides
Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis Paul Royal

Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis Paul Royal

Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis Paul Royal paul@gtisc.gatech.edu Agenda Modern Malware Obfuscations, Server-side Polymorphism, Collection Volume Malware Analysis Detection

504 views • 27 slides
Getting started with malware analysis Judith van Stegeren Definitions Malware : any software that

Getting started with malware analysis Judith van Stegeren Definitions Malware : any software that

Getting started with malware analysis Judith van Stegeren Definitions Malware : any software that does something that causes harm to a user, computer or network, including viruses, trojan horses, worms, rootkits, scareware and spyware. Malware

119 views • 9 slides
Workshop 2.4: Data manipulation Murray Logan 10 Mar 2019 Section 1 Data manipulation

Workshop 2.4: Data manipulation Murray Logan 10 Mar 2019 Section 1 Data manipulation

Workshop 2.4: Data manipulation Murray Logan 10 Mar 2019 Section 1 Data manipulation rename(,replace=) colnames() subset(,subset=,select=) revalue(,replace=) select(,...) recode() order() factor(,lab=) arrange() factor(,levels=)

1.5k views • 122 slides
GOODWARE DRUGS FOR MALWARE: ON-THE-FLY MALWARE ANALYSIS AND CONTAINMENT DAMIANO BOLZONI

GOODWARE DRUGS FOR MALWARE: ON-THE-FLY MALWARE ANALYSIS AND CONTAINMENT DAMIANO BOLZONI

GOODWARE DRUGS FOR MALWARE: ON-THE-FLY MALWARE ANALYSIS AND CONTAINMENT DAMIANO BOLZONI CHRISTIAAN SCHADE TWENTE SECURITY LAB UNIVERSITY OF TWENTE THE NETHERLANDS AGENDA Something about malware Malware internals Current analysis

398 views • 27 slides
A CUCKOOS EGG IN THE MALWARE NEST ON-THE-FLY SIGNATURE-LESS MALWARE ANALYSIS, DETECTION AND

A CUCKOOS EGG IN THE MALWARE NEST ON-THE-FLY SIGNATURE-LESS MALWARE ANALYSIS, DETECTION AND

A CUCKOOS EGG IN THE MALWARE NEST ON-THE-FLY SIGNATURE-LESS MALWARE ANALYSIS, DETECTION AND CONTAINMENT FOR LARGE NETWORKS CHRISTIAAN SCHADE TWENTE SECURITY LAB UNIVERSITY OF TWENTE THE NETHERLANDS MALWARE WARS In the last

313 views • 14 slides
Malware Halting 1. Malware 2. Software diversity Part I: Method Development 3. Computer

Malware Halting 1. Malware 2. Software diversity Part I: Method Development 3. Computer

Overview Malware Halting 1. Malware 2. Software diversity Part I: Method Development 3. Computer immunization Kjell Jrgen Hole Simula@UiB 4. Epidemiological model 5. Malware halting analysis 6. Malware halting method Last updated

672 views • 29 slides
5. Storage and Manipulation Foundations of XML Data of SSD Manipulation Shamelessly

5. Storage and Manipulation Foundations of XML Data of SSD Manipulation Shamelessly

5. Storage and Manipulation Foundations of XML Data of SSD Manipulation Shamelessly inspired by Ioana Manolescu tutorial Giorgio Ghelli The problem Classifying stores Consider the queries Essential criteria: $doc //

465 views • 8 slides
How does Malware Use RDTSC? A Study on Operations Executed by Malware with CPU Cycle Measurement

How does Malware Use RDTSC? A Study on Operations Executed by Malware with CPU Cycle Measurement

How does Malware Use RDTSC? A Study on Operations Executed by Malware with CPU Cycle Measurement Yoshihiro Oyama University of Tsukuba 1 Background Many malware programs execute operations for analysis evasion Detection of

346 views • 31 slides
Priority queue Binary heap March 06, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 1 REMINDER

Priority queue Binary heap March 06, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 1 REMINDER

Priority queue Binary heap March 06, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 1 REMINDER Section 201 midterm is in WOOD 2 19:00 21:00 March 06, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 2 Priority queues?

338 views • 23 slides
AD ADVANCE CED M MALWARE RE ALEXANDRE BORGES MALWARE AND SECURITY RESEARCHER THR THREATS

AD ADVANCE CED M MALWARE RE ALEXANDRE BORGES MALWARE AND SECURITY RESEARCHER THR THREATS

AD ADVANCE CED M MALWARE RE ALEXANDRE BORGES MALWARE AND SECURITY RESEARCHER THR THREATS NO HAT 2019 (Bergamo / IT ITALY) by y Alexandre Bor Borges 1 NO HAT 2019 (BERGAMO / ITALY) Agenda: In Intr troductio ion Anti

1.45k views • 105 slides
C++ Memory Pointers and joy! January 07, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 1

C++ Memory Pointers and joy! January 07, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 1

C++ Memory Pointers and joy! January 07, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 1 Announcements HW1 corrections please check pinned Piazza post Gradescope registrations will start today check your ugrad e-mail for

562 views • 20 slides
Anti-anti-malware (part 3) / Stack Smashing 1 last time various kinds of armored malware

Anti-anti-malware (part 3) / Stack Smashing 1 last time various kinds of armored malware

Anti-anti-malware (part 3) / Stack Smashing 1 last time various kinds of armored malware malware that evades analysis 2 logistics: LEX homework detect push ret pattern using fmex probably easier than TRICKY 3 upcoming exam next Wednesday

496 views • 48 slides
Android Malware Adventures Mert Can Cokuner Krat Ouzhan Aknc Android Malware

Android Malware Adventures Mert Can Cokuner Krat Ouzhan Aknc Android Malware

DeepSec IDSC Android Malware Adventures Mert Can Cokuner Krat Ouzhan Aknc Android Malware Adventures Agenda INTRODUCTION ANDROID MALWARE COMMAND & CONTROL QUESTIONS & ANSWERS 2 1 2 3 4 Android Malware

1.01k views • 64 slides
Computer and Information Security Fall 2019 Malware Tyler Bletsch Duke University [SOUP13]

Computer and Information Security Fall 2019 Malware Tyler Bletsch Duke University [SOUP13]

ECE590 Computer and Information Security Fall 2019 Malware Tyler Bletsch Duke University [SOUP13] defines malware as: a program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality,

1k views • 52 slides
System noise temperature Anh Phan, Yanlin Wu 10/17/2019 Methods Noise sources and daytime

System noise temperature Anh Phan, Yanlin Wu 10/17/2019 Methods Noise sources and daytime

System noise temperature Anh Phan, Yanlin Wu 10/17/2019 Methods Noise sources and daytime data are masked. Filter out high frequency components in the visibility with a Fourier low pass filter to get a fit of the raw data. The rms of

300 views • 15 slides
Boa Robert Dyer, Hoan Nguyen, Hridesh Rajan, and Tien Nguyen

Boa Robert Dyer, Hoan Nguyen, Hridesh Rajan, and Tien Nguyen

Mining Ultra-Large-Scale Software Repositories with Boa Robert Dyer, Hoan Nguyen, Hridesh Rajan, and Tien Nguyen {rdyer,hoan,hridesh,tien}@iastate.edu Iowa State University The research and educational activities described in this talk was

930 views • 71 slides
Boa Robert Dyer, Hoan Nguyen, Hridesh Rajan, and Tien Nguyen

Boa Robert Dyer, Hoan Nguyen, Hridesh Rajan, and Tien Nguyen

Mining Source Code Repositories with Boa Robert Dyer, Hoan Nguyen, Hridesh Rajan, and Tien Nguyen {rdyer,hoan,hridesh,tien}@iastate.edu Iowa State University The research and educational activities described in this talk was supported in part

742 views • 51 slides
Malware Defense I TDDD17 Information Security, Second Course Ulf Kargn Department of

Malware Defense I TDDD17 Information Security, Second Course Ulf Kargn Department of

Malware Defense I TDDD17 Information Security, Second Course Ulf Kargn Department of Computer and Information Science Linkping University Malware Defense Agenda 2 Two lectures Lecture I : Malware basics, malware on the PC,

621 views • 40 slides
Tree traversals January 30, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 1 Announcements

Tree traversals January 30, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 1 Announcements

Tree traversals January 30, 2019 Cinda Heeren / Will Evans / Geoffrey Tien 1 Announcements Attention: If you borrowed a Macbook charger in Monday lab section 14:00- 16:00, please return it! See Piazza for details Section 201 (that's

273 views • 11 slides

More recommend