Abracadabra - A researcher's reversing spell!

Abstract

In an era of spam and ham, we need to keep an eye out for document attachments in emails. Malware today heavily relies on e-mail attachments as a means to enter a victim's system. It's a stroll in the park to spot plain malicious code in a document, but what if it is obfuscated? The level of obfuscation determines the time spent decoding that portion of the document. Obfuscation holds the key in today's threat landscape, and the degree of obfuscation matters too. In this talk we will take a look at some of the peek-a-boos that malware authors play with us, as well as some end-game-level obfuscation techniques.

Sreenidhi Ramadurgam

@SreenidhiRamad1

I am a Security Researcher at Cisco Systems, India. I hold the SANS GIAC Reverse Engineering Malware (GREM) certification and am also CEH certified. I hold the black belt in the Cisco Security Ninja program. I have conducted cybersecurity and malware analysis workshops at universities across India and have delivered a talk in the Cisco SecCon packet village, 2019.

I actively work on threat hunting, reverse engineering various malware samples and building honeypots to catch threats in the wild. My arsenal includes malware reversing and analysis skills and Metasploit skills, and I also have a strong interest in memory forensics.

I have also published blogs related to interesting findings that I have come across in this domain:

  1. https://umbrella.cisco.com/blog/inadequate-security-makes-wordpress-sites-a-land-of-opportunity-for-hackers
  2. https://umbrella.cisco.com/blog/cyber-attackers-use-seo-to-spread-malware-through-torrent-files