Collecting and Managing Accumulated Malware Automatically presented at DeepSec 2007

by Georg Wicherski

Summary: With the nepenthes platform, we are able to collect malware autonomously. Centrally collecting this malware over months yielded a vast, unmanageable heap of binary data. We show how we eventually managed to do something useful with this data by extracting different kinds of information through:

- sandboxing
- recording of attacker information
- botnet monitoring

We also introduce the functionality of the tools we developed for these purposes.