Investigating Malware Using Memory Forensics - A Practical Approach, presented at Black Hat Asia 2019

by Monnappa K A

Summary: The number of cyber attacks targeting government, military, public and private sectors is undoubtedly on the rise. Most of these attacks use malicious programs (malware) for financial theft, espionage, intellectual property theft, and political motives. These malware programs use various techniques to execute their malicious code and to remain undetected by security products. With adversaries becoming more sophisticated and carrying out advanced malware attacks, it is critical for cybersecurity professionals to detect and respond to such intrusions. This presentation focuses mainly on the practical concept of memory forensics and shows how to use memory forensics to detect, investigate and understand the capabilities of malicious software. In addition, with the help of various demonstrations, the presentation covers various tricks and techniques used by malware, including some of its stealth and evasive capabilities.