Introduction to Malware Analysis Through Packet Capture


Course code: Malware-1
Introductory seminar on malware analysis using packet capture
(Photo: Takeshita giving practical training and lectures on packet capture at DEFCON)
We will be holding an introductory seminar on malware analysis. You will learn how to analyze malware behavior using Wireshark.
Seminar name/code
Introductory seminar on malware analysis using packet capture (Code: Malware-1)

Date/time
1 day (10:00-18:00)

Overview
Takeshita, who gives practical training and lectures at the DEFCON Packet Capture Village and at cyber security seminars held by the Self-Defense Forces and the Ministry of Defense, will hold this open seminar.
We analyze malware and exploit kits (EKs) from packet captures, using example packets from malware such as LOKIBOT, Emotet, RAMNIT and Trickbot, and from exploit kits leading to actual infections.
You will practice identifying malware-infected devices and root causes, and the process of creating an incident report.
You can check the methods and analysis of malware analysis using packet capture by actually running them in Wireshark.

Textbook and equipment used
★Distribution
・Wireshark and malware packets
・Handout
・CD-ROM
・USB memory
・Ikeriri bag
・Ikeriri magnet

Lecturer
Megumi Takeshita
Ikeriri★Network Service Co., Ltd.

Purpose
This is an introductory seminar on malware analysis using packet capture. Using Wireshark, a LAN analyzer, you will learn how to analyze the operation and behavior of malware, as well as how to collect information, discover root causes, and create incident reports.

We analyze the movement of malware using example packets from malware such as LOKIBOT, Emotet, RAMNIT and Trickbot, and from exploit kits leading up to actual infections. Through practical training, you will learn how to identify infected devices, the process leading to malware infection, root causes, and the process of creating an incident report.

This is an introductory seminar on malware analysis using packet capture. Using Wireshark, a LAN analyzer, we analyze the operation and behavior of malware and introduce methods for collecting information, discovering root causes, and creating incident reports.
*Uses capture files (trace files) from overseas Wireshark developer conferences, etc.
You will also learn how to process malware captures in batch with tshark.

*Since the main content of the seminar is the analysis of packets from hosts infected with actual malware and packets in which malware is running, the trace files that will be distributed and the scripts and files extracted from them will contain actual malware such as viruses, worms, spyware, and malicious tools. This is for the purpose of providing education on malware analysis, and although addresses and ports are anonymized and rendered as harmless as possible, many anti-virus and anti-malware tools, VirusTotal, etc. may detect them as malicious. Please be careful when handling the capture files.

Seminar details

Batch processing with tshark
Customizing Wireshark
Identifying hosts and users
Checking for malware infection

Suspicious web traffic
Policy violations (Tor)
Root causes and false positives
(Appendix) Writing incident reports
(Appendix) Evaluation
(Appendix) Surveillance cameras
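As an added example of the "Batch processing with tshark" and "Identifying hosts and users" steps listed above (my own script, not seminar material or Ikeriri's code), the following runs tshark over a directory of captures, groups DNS queries, HTTP Host headers, user agents and TLS SNI by source address, and flags one heuristic I assume to be useful, HTTP requests sent to a bare IP address. Field names and the display filter are standard Wireshark ones; the sample lines are constructed, not from a real capture.

```python
import ipaddress
import subprocess
from collections import defaultdict
from pathlib import Path
# Wireshark field names tshark prints (tab separated) for each matching packet.
FIELDS = ["frame.time_epoch", "ip.src", "ip.dst", "dns.qry.name",
          "http.host", "http.user_agent", "tls.handshake.extensions_server_name"]
FILTER = "dns.flags.response == 0 || http.request || tls.handshake.type == 1"  # DNS queries, HTTP requests, TLS Client Hellos

def tshark_cmd(pcap):  # command line that extracts FIELDS from one capture file
    cmd = ["tshark", "-r", str(pcap), "-Y", FILTER, "-T", "fields", "-E", "separator=/t"]
    for field in FIELDS:
        cmd += ["-e", field]
    return cmd

def parse_tshark_lines(lines):
    """Group DNS names, HTTP hosts, user agents and TLS SNI by source IP (host identification)."""
    hosts = defaultdict(lambda: {"dns": set(), "http": set(), "ua": set(), "sni": set()})
    for line in lines:
        cols = line.rstrip("\n").split("\t")
        if len(cols) != len(FIELDS) or not cols[1]:
            continue  # malformed line, or no IPv4 source address
        _, src, _, qry, http_host, ua, sni = cols
        for key, value in (("dns", qry), ("http", http_host), ("ua", ua), ("sni", sni)):
            if value:
                hosts[src][key].add(value)
    return hosts

def is_ip_literal(name):  # True when a Host header is a bare IP address (optionally :port)
    try:
        return ipaddress.ip_address(name.split(":")[0]) is not None
    except ValueError:
        return False

def direct_ip_http(hosts):
    """Heuristic (my assumption, not a seminar rule): HTTP to a bare IP deserves a closer look."""
    return {src: sorted(h for h in d["http"] if is_ip_literal(h))
            for src, d in hosts.items() if any(is_ip_literal(h) for h in d["http"])}

def triage_directory(pcap_dir):  # batch step: tshark over every capture, output merged
    lines = []
    for pcap in sorted(Path(pcap_dir).glob("*.pcap*")):
        out = subprocess.run(tshark_cmd(pcap), capture_output=True, text=True, check=True)
        lines += out.stdout.splitlines()
    return parse_tshark_lines(lines)

SAMPLE = [  # constructed sample lines in tshark -T fields layout, not from a real capture
    "1700000000.1\t10.0.0.5\t10.0.0.1\tupdate.example.net\t\t\t",
    "1700000001.2\t10.0.0.5\t203.0.113.9\t\t203.0.113.9\tMozilla/4.0\t",
    "1700000003.4\t10.0.0.7\t198.51.100.2\t\t\t\twww.example.org",
]
```

`triage_directory("captures/")` needs tshark on the PATH; `parse_tshark_lines(SAMPLE)` exercises the grouping offline.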

(Note)
In this seminar, participants learn how to analyze malware using packet capture in a closed network for cyber security training. In fact, creating and distributing malware violates the Unauthorized Computer Access Act, as well as criminal and civil laws, and may result in punishment. This seminar is entirely about learning the behavior of malware, and about detection, analysis, and defense measures based on packet capture. Please confirm and agree to this.

Copyright Ikeriri Network Service Limited,All Rights Reserved.