Introduction

What?

• Identifying and analysing malicious payloads of various formats embedded in PDFs, EXEs and Microsoft Office Macros.

• Identifying obfuscated code and packed files, and analysing these.

• Analysing the memory dump of a PC that became infected with the Jigsaw ransomware in the real-world using Volatility.

Why?

Practice with real-world example cases.

How?

• Analysing malicious pdfs

• Analysing malicious Microsoft Office macros

• I hope you packed your bags

• THM Dunkle Materie