Malware Analysis: A Deep Dive Experience
- Anuj Soni
- Thursday, October 3rd, 6:00pm - 8:00pm
Join Anuj Soni for an in-depth examination of a real, in-the-wild malware sample. There will be no slides, pretty pictures or fluffy theory here - this is 100% demo, and it will expose attendees to the approaches, tools and struggles of reverse engineering malware end-to-end. We will begin with static file analysis, proceed to behavioral analysis, and then perform static and dynamic code analysis. We will identify decoding routines, deobfuscate executable content, create a script to automate our work, and write a rule to detect similar files in the future. Come along for this accelerated but thorough discussion of key reverse engineering activities.
Bonus Sessions
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
Monday, September 30

| Session | Speaker | Time | Type |
| --- | --- | --- | --- |
| Vendor Showcase | — | Monday, September 30th, 10:40am - 11:20am | Vendor Event |
| Evade Me If You Can: An Inside Look at Malware Evasion Techniques | Ben Abbott, Solutions Engineer | Monday, September 30th, 12:35pm - 1:40pm | Lunch and Learn |
| Domain & DNS-based Adversarial Threat Intelligence in the SOC/CSIRT | Corin Imai, Senior Security Advisor & Senior Product Marketing Manager | Monday, September 30th, 12:35pm - 1:40pm | Lunch and Learn |
| Vendor Showcase | — | Monday, September 30th, 3:05pm - 3:40pm | Vendor Event |
| Threat Hunting & Incident Response Summit Night Out! | — | Monday, September 30th, 6:00pm - 8:00pm | Special Events |

Tuesday, October 1

| Session | Speaker | Time | Type |
| --- | --- | --- | --- |
| Vendor Showcase | — | Tuesday, October 1st, 10:25am - 10:55am | Vendor Event |
| Gain the Upper Hand: Leveraging Telemetry and Response Actions to Close the "Breakout" Window | David French, Threat Researcher | Tuesday, October 1st, 12:15pm - 1:25pm | Lunch and Learn |
| The Anatomy of an Attack | Daniel Bates, Systems Architect | Tuesday, October 1st, 12:15pm - 1:25pm | Lunch and Learn |
| Vendor Showcase | — | Tuesday, October 1st, 3:25pm - 3:45pm | Vendor Event |

Wednesday, October 2

| Session | Speaker | Time | Type |
| --- | --- | --- | --- |
| DIY Software Supply Chain Monitoring | Robert Perica, Principal Engineer | Wednesday, October 2nd, 12:30pm - 1:15pm | Lunch and Learn |
| Fidelis Product Test Drive | Justin Swisher, MDR Threat Hunting and Charles Twardowski, Manager - Incident Response | Wednesday, October 2nd, 6:30pm - 8:30pm | Special Events |

Friday, October 4

| Session | Speaker | Time | Type |
| --- | --- | --- | --- |
| DFIR Community Night | — | Friday, October 4th, 6:00pm - 8:00pm | Special Events |