First meetup will focus on dissection of advanced persistent threat (APT) - delivery through document that leads to cobalt compromise.
We will go through:
1) VisualBasic deobfuscation
3) Sandbox evasion
4) Dll Reflective loading
The sample we will investigate is genuine sample that was targeting some of our customers.
I do recommend to come ready with laptops.
Note: As part of being able to host the various events for zero or close to zero cost, we’ve chosen to use WeWork and their event locations. Part of their conditions of use is that we provide them with the email addresses of those participants that RSVP for each event.
Additionally we are also required to add the following note to the description:
WeWork is a global network of workspaces where companies grow together. Teams of any size can find refreshingly designed collaborative space, private offices, and meeting rooms that energize their employees and their guests. But WeWork is so much more than four walls—providing community, amenities, events, and technology to evolve space into experience.