Proposed sessions for this event:

  • Getting started with Malware/Exploit Kit Analysis by Gajendra Kumar
Note: The session details including schedule are available below.

Getting started with Malware/Exploit Kit Analysis

This session is intended for those interested in learning the basics of malware analysis. It will be a completely hands-on session for understanding Windows internals, with a focus on the data structures that are of interest to an attacker. By the end of the session, participants will have learned to use tools like WinDbg and Immunity Debugger, along with the basics of x86 assembly.

At a bare minimum, the following will be covered:

1 Introduction to Windows Internals

• Introduction to virtual memory and physical memory
• Data structures that are of interest to an attacker
• Import Address Table
• Export Address Table

2 Deep dive into Shellcode Analysis

• What is shellcode?
• Extracting shellcode from a sample exploit and creating a binary
• Hands-on with a debugger to reverse the binary

3 Reverse/Analyze a malware sample (‘Hancitor’)

Hardware Pre-requisites (Mandatory)

• A system capable of running VirtualBox. You can test this by installing VirtualBox and creating a test VM.
• At least 2 GB of RAM
• At least 10 GB of free space on any drive

Software Pre-requisites (Mandatory)

• Windows 7 32-bit operating system running on VirtualBox or VMware
• The VM should have WinDbg installed
• Immunity Debugger
• Microsoft Office (Word 2010)

Date: Saturday July 29 2017
Chapter: Bangalore
Registrations: 47
Max Registrations: 55
Event Type: Invite Only
Start Time: 09:30 AM
End Time: 06:00 PM

Session Schedule

Name | Speaker | Start Time | End Time | Resources
Getting started with Malware/Exploit Kit Analysis | Gajendra Kumar | 09:30 AM | 06:00 PM |


