Exploring malware relations

by

Peter Silberman and I will be presenting, this Wednesday at BlackHat Europe 2010, our latest peek into the malware world.

In this talk we follow up from our previous “State of Malware: Explosion of the Axis of Evil” , where we explored some of the idiosyncrasies of mass-malware vs. the ones in targeted malware. This time around we decided to try to spot actual code-sharing among a reasonably diverse corpus of recent malware obtained from VirusTotal.

Using some of the technology we’ve developed in zynamics to automatically classify malware we attempted to find relations between malware samples that would indicate that code had been shared, possibly indicating collaborative efforts of malware developers or even giving clues about common authorship.

If you want to hear what it is that we found out, don’t hesitate in dropping by our talk Wednesday 16:45h

See you there!

2 Responses to “Exploring malware relations”

  1. M-unition » Blog Archive » SANS EU Malware in Memory Says:

    […] with the line up of this SANS EU conference. It has a very eclectic mix of people talking. Ero Carrera will be dicussing malware analysis. While Ero isn’t a forenscitar, his insight into malware […]

  2. SANS EU Malware in Memory | M-unition Says:

    […] with the line up of this SANS EU conference. It has a very eclectic mix of people talking. Ero Carrera will be dicussing malware analysis. While Ero isn’t a forenscitar, his insight into malware […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


Follow

Get every new post delivered to your Inbox.

Join 40 other followers

%d bloggers like this: