This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, May 11 • 11:35 - 12:15
Wicked malware persistence methods

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Most malware types need to carry on their mission for as long aspossible. That's why successfully entering to the system is not enough -they also need to ensure being redeployed on each system startup. Mostof authors rely on classic and well-documented methodsof persistence, such as Run/RunOnce registry keys, link in the Startupfolder, via task scheduler etc. Those methods are very easy to implement, but also easy to detect.That's why, from time to time we can encounter some creativealternatives, that make the job of a malware analyst harder.Some of them are simple, based on just one trick while others aremultilayered and completly wicked. This talk will be a walk though someof them - touching also new trends, such as "fileless malware"and malware making use of legitimate applications.

avatar for Hasherezade


Master in Computer Science. From the teenage years passionate inprogramming and reverse engineering. Activly taking part in the life of the InfoSec community by publishingopen source applications and blogging about malware analysis. Currently works as a malwareintelligence analys... Read More →

Thursday May 11, 2017 11:35 - 12:15
Waterfront Center: Room 3

Attendees (31)