
THREAT CON 2019 - Depth of effective macro campaign by Aniruddha Dolas and Prashant Tilekar

Talk Title: Depth of effective macro campaign

Presenters: Aniruddha Dolas and Prashant Tilekar

Spreading malware through MS Office macros is very simple, as it does not depend on the MS Office version. Major threats such as Emotet, Trickbot, Ursnif, and Hancitor have been using VBA macros, and some OLE features, such as DDE, have also been used to spread malware. Spear-phishing, APT attacks, and MuddyWater campaigns are a few of those that spread the same way. We would like to present how malware is spread using MS Office macros, covering in detail the different obfuscation techniques and how they bypass detection by different AVs, and showing examples of VBA macro malware alongside normal VBA macro code. In our findings, we show how to detect such VBA macros, and how MS Office macros have evolved to persist on the system using WMI, COM, and the registry and to behave like fileless malware.

Website: http://threatcon.io
Twitter: https://twitter.com/threat_con
Facebook: https://www.facebook.com/threatcon

Video information
December 15, 2019, 15:45:27
00:39:41