Get immersion-style cyber security training from industry experts in Philadelphia. Save $150 thru 2/26!


To attend this webcast, login to your SANS Account or create your Account.

What's New in REMnux v4 for Malware Analysis?

  • Monday, April 29th, 2013 at 1:00 PM EDT (17:00:00 UTC)
  • Lenny Zeltser

You can now attend the webcast using your mobile device!


REMnux is a lightweight Linux distribution for assisting malware analysts with reverse-engineering malicious software. Release 4 of this popular distro came out in April 2013. It incorporates several new tools useful for analyzing malware in this Ubuntu-based environment. Tune into this free webcast for an overview of these utilities. Lenny Zeltser, who teaches FOR610: Reverse-Engineering Malware and maintains REMnux will explain what's new in this release of the toolkit. He will cover topics such as:

  • Installing the REMnux virtual appliance using the OVF/OVA file, designed for improved compatibility with many virtualization tools, including VMware and VirtualBox.
  • Nuanced differences between the updated and older versions of tools installed on REMnux, including Volatility, Firebug and Origami.
  • New utilities for dealing with XOR-based obfuscation commonly employed by malware authors.
  • New tools for statically examining Windows PE files, such as pev, ExeScan and autorule
  • Other newly-added utilities for malware analysis, including hack-functions and ProcDot

If you're just getting started with REMnux, tune into a previously-recorded webcast Malware Analysis Essentials Using REMnux, which provides provides a good overview and examples of some of the tools for performing static malware analysis.

Speaker Bio

Lenny Zeltser

Lenny Zeltser has written his share of cybersecurity reports and other content during his tenure in the industry. He'll share with you the writing tips he has picked up along the way. Lenny is senior faculty member at SANS and VP of Products at Minerva Labs. Earlier in his career, he served as a Director of Product Management at a Fortune 500 company with a focus on security software and services. Previously, he led the enterprise security consulting practice at a major cloud services provider. A frequent public speaker and writer, Lenny has co-authored books on network security and malicious software. Lenny holds an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania. He blogs at

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.