
ESET & Intel Security at Black Hat USA 2015

Black Hat 2015, the world's most famous and respected conference for security researchers, has ended in Las Vegas. This year a large number of talks covered the most topical issues in exploiting vulnerabilities in software, ranging from Windows and Android to embedded software for cars.



ESET was represented at the conference by security researcher Evgeny Rodionov (@vxradius), along with his colleagues from Intel Security: Alexander Matrosov (@matrosov, Intel Advanced Threat Research), Rodrigo Branco (@bsdaemon) and Gabriel Negreira Barbosa. They presented a large talk entitled Distributing the Reconstruction of High-Level Intermediate Representation for Large Scale Malware, on analyzing and reconstructing the logic of complex threats.
Alexander Matrosov previously worked for ESET as the head of the center for virus research and analysis. At the conference, Matrosov and Rodionov also announced the imminent release of a book called Reversing Modern Malware and Next Generation Threats, anticipated by researchers, which includes detailed information on how modern bootkits, rootkits, and other complex threats work. It also covers special tools for analyzing such threats, in particular HexRaysCodeXplorer, the source code of which is presented here. HexRaysCodeXplorer is a plugin for the well-known Hex-Rays decompiler that makes it easier to analyze large malicious executables. The authors of the book also took part in developing the plugin.



Contents of Reversing Modern Malware and Next Generation Threats. The book is already available for pre-order.



The presentation Distributing the Reconstruction of High-Level Intermediate Representation for Large Scale Malware is also devoted to analyzing bulk malware using HexRaysCodeXplorer.

UPD: The presentation can be downloaded here.

Source: https://habr.com/ru/post/264273/

