Malware Analysis Essentials Using REMnux w/ Lenny Zeltser

  • Thursday, 17 Apr 2014 1:00PM EDT (17 Apr 2014 17:00 UTC)
  • Speaker: Lenny Zeltser

Though some tasks for analyzing Windows malware are best performed on Windows laboratory systems, there is a lot you can do on Linux with the help of free and powerful tools. REMnux is an Ubuntu distribution that incorporates many such utilities. This practical session presents some of the most useful REMnux tools. Lenny Zeltser, who teaches SANS' reverse-engineering malware course, will share how you can use the utilities installed on REMnux to:

  • Assess suspicious Windows executable files
  • Explore infection artifacts in a network capture file
  • Examine malicious document and media files

If you haven't experimented with Linux-based tools for malware analysis,you've been missing out. And if you've been meaning to begin exploring thefield of malware analysis, this talk will help you get started.