TASTY MALWARE ANALYSIS WITH T.A.C.O.: BRINGING CUCKOO REPORTS INTO IDA PRO presented at Ruxcon 2015

by Jason Jones

Summary: Bringing run-time information into IDA is not a new concept, but it has been a need for some time. Coupling run-time behavior with other IDA-based tools can give new insight into how malware behaves and give a malware analyst more insight into where the "interesting" pieces of the malware may lie. This presentation will cover TACO, a new IDA plugin that incorporates various elements logged during analysis in Cuckoo Sandbox in order to speed up the malware analyst's job of discovering key behaviors used by the malware.