This is the binary bash! Come play with and pick apart malicious software (commonly referred to as "malware" or "viruses"). This session will be a basic analysis session. Hosted by Grecs and Andy W.
This meetup will be hosted in the large (new) classroom area instead of the smaller (old) classroom area.
Note: Since this is a high-interest event, please park across the street: http://www.nova-labs.org/contact/#parking
Updated: $10/person for the classroom use.
Laptop with virtualization software (VMware or VirtualBox (free))
Virtual Machine running Windows XP SP3 configured to use Host-only networking, no networking, or custom configuration to allow for Man-In-The-Middle (MITM)
Tools Loaded in the Windows XP VM:
Malcode Analysis Pack - http://www.woodmann.com/collaborative/tools/index.php/Malcode_Analysis_Pack
FileAlyzer - http://www.safer-networking.org/products/filealyzer/
PEiD - http://tuts4you.com/download.php?view.398
Dependency Walker - http://www.dependencywalker.com/
PE Explorer - http://www.heaventools.com/overview.htm
ProcMon - http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx
Process Explorer - http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
Regshot - http://sourceforge.net/projects/regshot/
Wireshark - http://www.wireshark.org/
CaptureBat - https://www.honeynet.org/node/315
Take a snapshot of the VM after these tools are loaded
Download REMnux virtual appliance - http://zeltser.com/remnux/#download-remnux
I look forward to going again, waiting for the next class
0 · April 18, 2013
Work plans have come up.
Hi, I am definitely coming this time. I am bringing my son, 14, and he wanted to invite a friend whose parents are software people. Is it ok to have no experience at this level? Do we just bring a laptop?
0 · March 25, 2013
We have been building on each one slowly; we plan to do a short recap at the beginning. A laptop running VMware or VirtualBox with a basic Windows XP installation in the VM for looking at malware is necessary.
For the January session - the first one we did - I posted my intro slides here - https://www.novainfose...
In that presentation it also mentions some tools you may want to get installed on the XP machine.
Changed start time to 6:30p. Note, this will be an intro, so it is highly recommended you arrive for the 6:30p start if you haven't attended a Binary Bash. The new content will start near the 7:00p original time.
1 · March 21, 2013
I'll be there. . .
0 · March 21, 2013
Will be attending
0 · March 11, 2013
Refunds are not offered for this Meetup.