Malware Analysis Essentials Using REMnux
- Lenny Zeltser
- Thursday, March 6th, 6:00pm - 7:00pm
Though some tasks for analyzing Windows malware are best performed on Windows laboratory systems, there is a lot you can do on Linux with the help of free and powerful tools. REMnux is an Ubuntu distribution that incorporates many such utilities. This practical session presents some of the most useful REMnux tools. Lenny Zeltser, who teaches SANS' reverse-engineering malware course, will share how you can use the utilities installed on REMnux to:
- Assess suspicious Windows executable files
- Explore infection artifacts in a network capture file
- Examine malicious document and media files
If you haven't experimented with Linux-based tools for malware analysis, you've been missing out. And if you've been meaning to begin exploring the field of malware analysis, this talk will help you get started.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Lunch & Learn: Short presentations given during the lunch break.
Wednesday, March 5
|Welcome to SANS
||Wednesday, March 5th, 8:15am - 8:45am
|DFIReception - Forensicators Unite!
||Wednesday, March 5th, 6:00pm - 7:00pm
|Keynote: Have no fear - DFIR is here!
||Rob Lee, Chad Tilbury, Alissa Torres, Phil Hagen, and Lenny Zeltser
||Wednesday, March 5th, 7:00pm - 8:30pm
Saturday, March 8
||Saturday, March 8th, 12:30pm - 1:15pm
||Lunch and Learn