Binary Bash - Malware Analysis

This is the binary bash!  Come play with and pick apart malicious software (commonly referred to as "malware" or "viruses").  This session will be a basic analysis session.  Hosted by Grecs and Andy W.

This meetup will be hosted in the large (new) classroom area instead of the smaller (old) classroom area.

Note: Since this is a high-interest event, please park across the street: http://www.nova-labs.org/contact/#parking

Updated: $10/person for the classroom use.

Recommended Configuration:

Laptop with virtualization software (VMware or VirtualBox (free))

Virtual Machine running Windows XP SP3 configured to use Host-only networking, no networking, or custom configuration to allow for Man-In-The-Middle (MITM)

Tools Loaded in the Windows XP VM:

Malcode Analysis Pack - http://www.woodmann.com/collaborative/tools/index.php/Malcode_Analysis_Pack

FileAlyzer - http://www.safer-networking.org/products/filealyzer/

PEiD - http://tuts4you.com/download.php?view.398

Dependency Walker - http://www.dependencywalker.com/

PE Explorer - http://www.heaventools.com/overview.htm

ProcMon - http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx

Process Explorer - http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

Regshot - http://sourceforge.net/projects/regshot/

Wireshark - http://www.wireshark.org/

CaptureBat - https://www.honeynet.org/node/315

Take a snapshot of the VM after these tools are loaded

Download REMnux virtual appliance - http://zeltser.com/remnux/#download-remnux

 


  • A former member

    I look forward to going again, waiting for the next class.

    April 18, 2013

  • A former member

    Work plans have come up.

    April 18, 2013

  • Sabina S.

    Hi, I am definitely coming this time. I am bringing my son, 14, and he wanted to invite a friend whose parents are software people. Is it ok to have no experience at this level? Do we just bring a laptop?

    March 25, 2013

    • grecs

      For the January session - the first one we did - I posted my intro slides here - https://www.novainfose...

      March 25, 2013

    • grecs

      In that presentation it also mentions some tools you may want to get installed on the XP machine.

      March 25, 2013

  • Joey

    Changed start time to 6:30p. Note, this will be an intro, so it is highly recommended you arrive for the 6:30p start if you haven't attended a Binary Bash. The new content will start near the 7:00p original time.

    March 21, 2013

  • John F.

    I'll be there. . .

    March 21, 2013

  • Tez

    Will be attending

    March 11, 2013

18 went

Your organizer's refund policy for Binary Bash - Malware Analysis

Refunds are not offered for this Meetup.
