From this video you will learn how the process emulator allows AV to perform behavior and CFG analysis without the need to execute the malware, emulating it instead.
#malware #antimalware #cpu #process #emulator #detection #behavior #analysis
#cyberdefense #cybersecurity
#cyber #cyberllama #cyberllamatalks
00:00 Intro
00:35 Quick Review
01:16 Behavior Analysis
02:25 Call Graph + Emulated API
03:55 Process Emulator capabilities
05:00 Unpacking
05:32 Packer detection
06:02 Payload detection
06:18 Call Graph and CFG analysis
06:41 Dropper analysis
07:20 Summary of capabilities
07:46 Process Emulation weakness
08:09 Conclusion