MasWin Tools Presentation

6th ICR and ID-SIRTII Research Seminar

MasWin Tools

Malware Analysis Windows Tools

Padma Hotel - Bali

23 September 2015

Ravindo Tower 17th floor, Kebon Sirih No. 75, Central Jakarta 10340 - Indonesia. P: +62 21 3192 5551 / info@idsirtii.or.id / www.idsirtii.or.id

Android Malware Operating System

M. Lutfi Sahlan (Malware Analyst), Research & Development Dept., Id-SIRTII/CC

M. Ali Syarief (Malware Analyst), Research & Development Dept., Id-SIRTII/CC

Id-SIRTII/CC is Indonesia's National Computer Emergency Response Team

OUR AIMS

To support a good environment on Internet infrastructure in the country

To improve Internet security and encourage legal e-transactions in Indonesia.

Ali Syarief (Malware Analyst), Research & Development Dept., Id-SIRTII/CC

Andre Nurhanggoro (Simulation Lab), Research & Development Dept., Id-SIRTII/CC

OVERVIEW

Malware (MALicious softWARE)

Software designed to infiltrate a computer system without the owner’s informed consent

THE EVOLUTION OF MALWARE

Category DESCRIPTION

MALWARE CATEGORY

ID-SIRTII/CC Malware Lab Workflow

Why Analyze Malware

Incident Response

Vulnerability

Attack trends and Threat Evaluation

Penetration Test

Computer Forensics

Find new signatures

regedit

ATTACK AREA WINDOWS

Surface Analysis: TrID, CFF Explorer, BinText

Runtime Analysis: Regshot, PE & PM, Wireshark

Static Analysis: OllyDbg, IDA Pro

Surface - Runtime - Static

DEMO VIDEO