BSides Charleston and CHSinfoSec present:

Charleston Malware Workshop 2018

with Christopher (Tophs) Elisan

This is a beginner-friendly 2-day class held Friday, July 20 and Saturday, July 21. The class will run from 8:00am to 5:00pm both days. Proceeds from this event will go towards the BSides Charleston 501c3 Non-Profit Organization.





Course Outline:

Malware Analysis

· Setting up the lab

o How to set up a test lab for static and dynamic analysis.

o Set up both a virtual and a bare metal system.

· Familiarization with Tools

o Discussion of the different tools that are freely available for malware analysis, including VirusTotal and sandboxes.

Static Analysis

· Hands-on static analysis of malware.

o Creating YARA sigs.

o Detection and unpacking of packed malware.

Dynamic Analysis

· Hands-on dynamic analysis of malware.

o Sysinternals.

o Memory analysis.

PCAP Analysis





Class Requirements:



Personal laptop (you must have admin access to it) with either VMware or VirtualBox (VirtualBox is preferred).

Instructor Bio:

Christopher Elisan, Senior Malware Researcher at Flashpoint, is a seasoned reverse engineer and malware researcher. His long history of digital threat and malware expertise, reversing, research and product development started at Trend Micro as one of the pioneers of TrendLabs, where he honed his skills in malware reversing. He then built F-Secure’s Asia R&D, where he spearheaded projects in vulnerability discovery, web security and mobile security. After F-Secure, he joined Damballa as their resident malware subject matter expert and reverse engineer. He then joined RSA as Principal Malware Scientist and Sr. Manager, leading a team of highly skilled malware researchers. He speaks at conferences around the world and frequently provides expert opinion about malware, botnets and advanced persistent threats for leading industry and mainstream publications. Elisan’s published works include Hacking Exposed: Malware and Rootkits 2ed.