このページは http://www.slideshare.net/matrosov/zn2012-pdf の内容を掲載しています。
In this talk one wouldn’t see any speculations on state-sponsored cyber-espionage and сonspirolog...
In this talk one wouldn’t see any speculations on state-sponsored cyber-espionage and сonspirology theories on cyber weapon development. In the presentation authors will concentrate on different approaches to analysis of the malware based on object oriented architecture with respect to one of the most complex threat ever known while AV industry exists: Win32/Flamer. The authors will present methods of analysis of the malware developed in the course of research of such threats as Stuxnet, Duqu and Festi. The talk will shed light on the problems the researchers face during investigation of complex threats and the ways to deal with them using tools by Hex-Rays. The authors will also present the result of research on reconstructing framework which was used to construct Win32/Flamer and will show its similarity with Stuxnet/Duqu/Gauss with respect to code and architecture.