HITB SIGINT: Mohammed Kamil & Lim Jun Yi (MyCERT)

Presentation Title: MyKotakPasir Sandbox: Automated Binary Analysis
Presentation Abstract

In-depth analysis is important for generating heuristic detection of future malware variants. Because of the rapid growth in malware threats and samples, reverse engineering and static analysis of each individual sample do not scale well. The next approach is to use sandboxes to obtain quick details on malware behavior. Automation in malware analysis simplifies the task of a malware analyst, and MyKotakPasir is our self-developed malware sandbox, which can produce detailed reports on the samples analyzed within minutes. It can extract relevant features such as file access, system changes and network activities.

About Mohammad Kamil

Nur Mohammad Kamil Bin Mohammad Alta is a Malware Analyst at the Malaysian Computer Emergency Response Team (MyCERT), CyberSecurity Malaysia. His educational background comprises a Diploma in Computer Networking Technology from the Advanced Technology Institute (ADTEC) Batu Pahat. He is also a GIAC Certified Reverse Engineering Malware (GREM) and a Certified Ethical Hacker (CEH). Kamil has been with CyberSecurity Malaysia since 2009. He is responsible for the daily operation of analyzing malware, debugging, web security, network security, and system development and automation, and is also involved in the incident handling service. Kamil is involved in various global computer security initiatives such as the Open Source Development Group and the Honeynet Project. Some of his recent work is in the areas of malware analysis, distributed honeynets and cyber drill exercises.

About Lim Jun Yi

Lim Jun Yi is currently working as a Malware Analyst for the Malaysia Computer Emergency and Response Team (MyCERT), CyberSecurity Malaysia. His educational background comprises a Bachelor's Degree in Information Technology, majoring in Security Technology, from Multimedia University (MMU). Jun Yi recently joined CyberSecurity Malaysia, in 2011. His daily work mainly revolves around reverse engineering, analyzing malware, developing additional tools to assist in his work, and occasionally some bizarre proofs of concept for unusual ideas. Jun Yi is involved with global computer security initiatives such as the Honeynet Project and, recently, the development of MyKotakPasirv3, the automated binary analysis framework.