Malware Analysis on a shoe-string budget

Michael Boman

Wed, 24th April 2013


Max, Concise Courses:
Have you ever used key analysis tools like IDA Pro or WinDbg?

Michael Boman:
Not me personally, but my friend is doing that kind of malware analysis. I am looking at behavior.


Max, Concise Courses:
We have a particular interest in SCADA systems. Do you have any comments about the future of being able to filter SCADA Deep Packet Inspection? Obviously, as a result of Stuxnet, Duqu, etc., it is vital to secure an ICS or SCADA system. I guess the sudden appearance of a new protocol will put the smart system administrator on his or her guard, but is there any other comment you can give about being able to identify SCADA malware?

Michael Boman:
I haven’t seen SCADA malware myself, but what I have read about it is that it is using PCs to control SCADA systems. You can emulate any kind of PC set-up, or Mac for that matter. So if you create a virtual machine with all the SCADA programs, connections and so on, it will act as it should.


Max, Concise Courses:
Could you run BrowserSpider on an Android mobile?

Michael Boman:
Yes, you can. Selenium supports browsing on Android. In fact, it supports any browser that has Selenium.


Max, Concise Courses:
What is the future of malware?

Michael Boman:
It is going to get worse before it gets better. They are making way too much money. As long as we try to get to the malware instead of looking at the people creating it, we will be fighting a losing battle.