{"id":11266,"date":"2022-08-10T09:07:07","date_gmt":"2022-08-10T09:07:07","guid":{"rendered":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/?post_type=session&#038;p=11266"},"modified":"2024-09-03T02:25:22","modified_gmt":"2024-09-03T02:25:22","slug":"commsec-whos-the-author-how-automated-malware-attribution-engines-work","status":"publish","type":"session","link":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/commsec-whos-the-author-how-automated-malware-attribution-engines-work\/","title":{"rendered":"COMMSEC: Who&#8217;s the Author? How Automated Malware Attribution Engines Work"},"content":{"rendered":"<p><strong><a href=\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/materials\/D1%20COMMSEC%20-%20Who%e2%80%99s%20the%20Author%3f%20How%20Automated%20Malware%20Attribution%20Engines%20Work%20-%20Anton%20Belousov.pdf\">PRESENTATION SLIDES<\/a><\/strong><\/p>\n<p style=\"text-align: justify;\">In an ever-changing cyber threat landscape, malware analysis is an effective tool that can help both in responding to incidents and in predicting future attacks. For the latter, attribution of malware samples is well suited, allowing one to identify a cybercriminal group. This information, especially obtained in the early stages of an attack, will make it possible to predict the attacker\u2019s actions and proactively protect against them.<\/p>\n<p style=\"text-align: justify;\">Malware attribution is a large set of measures that includes analysis of the code base of attacker tools, tactics and techniques, as well as the network infrastructure used. 
It is not always possible to fully classify a sample into at least one group during manual analysis; the analyst should have experience and insight, and sometimes use additional tools.<\/p>\n<p style=\"text-align: justify;\">In this presentation, we will talk about the automated cyber threat attribution engine, which allows you to analyze a specific malicious sample based on a wide range of characteristics and compare it with data on known threats. As a result of this comparison, we will receive a rating of the sample\u2019s similarity to the tools of well-known APT groups.<\/p>\n","protected":false},"template":"","class_list":["post-11266","session","type-session","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>COMMSEC: Who&#039;s the Author? How Automated Malware Attribution Engines Work - HITBSecConf2024 - Bangkok<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/commsec-whos-the-author-how-automated-malware-attribution-engines-work\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"COMMSEC: Who&#039;s the Author? How Automated Malware Attribution Engines Work - HITBSecConf2024 - Bangkok\" \/>\n<meta property=\"og:description\" content=\"PRESENTATION SLIDES In an ever-changing cyber threat landscape, malware analysis is an effective tool that can help both in responding to incidents and in predicting future attacks. For the latter, attribution of malware samples is well suited, allowing one to identify a cybercriminal group. 
This information, especially obtained in the early stages of an attack, [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/commsec-whos-the-author-how-automated-malware-attribution-engines-work\/\" \/>\n<meta property=\"og:site_name\" content=\"HITBSecConf2024 - Bangkok\" \/>\n<meta property=\"article:modified_time\" content=\"2024-09-03T02:25:22+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/commsec-whos-the-author-how-automated-malware-attribution-engines-work\/\",\"url\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/commsec-whos-the-author-how-automated-malware-attribution-engines-work\/\",\"name\":\"COMMSEC: Who's the Author? 
How Automated Malware Attribution Engines Work - HITBSecConf2024 - Bangkok\",\"isPartOf\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/#website\"},\"datePublished\":\"2022-08-10T09:07:07+00:00\",\"dateModified\":\"2024-09-03T02:25:22+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/commsec-whos-the-author-how-automated-malware-attribution-engines-work\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/commsec-whos-the-author-how-automated-malware-attribution-engines-work\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/commsec-whos-the-author-how-automated-malware-attribution-engines-work\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Session\",\"item\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"COMMSEC: Who&#8217;s the Author? How Automated Malware Attribution Engines Work\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/#website\",\"url\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/\",\"name\":\"HITBSecConf2024 - Bangkok\",\"description\":\"August 26 - 30 @ InterContinental\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"COMMSEC: Who's the Author? 
How Automated Malware Attribution Engines Work - HITBSecConf2024 - Bangkok","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/commsec-whos-the-author-how-automated-malware-attribution-engines-work\/","og_locale":"en_US","og_type":"article","og_title":"COMMSEC: Who's the Author? How Automated Malware Attribution Engines Work - HITBSecConf2024 - Bangkok","og_description":"PRESENTATION SLIDES In an ever-changing cyber threat landscape, malware analysis is an effective tool that can help both in responding to incidents and in predicting future attacks. For the latter, attribution of malware samples is well suited, allowing one to identify a cybercriminal group. This information, especially obtained in the early stages of an attack, [&hellip;]","og_url":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/commsec-whos-the-author-how-automated-malware-attribution-engines-work\/","og_site_name":"HITBSecConf2024 - Bangkok","article_modified_time":"2024-09-03T02:25:22+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/commsec-whos-the-author-how-automated-malware-attribution-engines-work\/","url":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/commsec-whos-the-author-how-automated-malware-attribution-engines-work\/","name":"COMMSEC: Who's the Author? 
How Automated Malware Attribution Engines Work - HITBSecConf2024 - Bangkok","isPartOf":{"@id":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/#website"},"datePublished":"2022-08-10T09:07:07+00:00","dateModified":"2024-09-03T02:25:22+00:00","breadcrumb":{"@id":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/commsec-whos-the-author-how-automated-malware-attribution-engines-work\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/commsec-whos-the-author-how-automated-malware-attribution-engines-work\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/commsec-whos-the-author-how-automated-malware-attribution-engines-work\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/"},{"@type":"ListItem","position":2,"name":"Session","item":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/"},{"@type":"ListItem","position":3,"name":"COMMSEC: Who&#8217;s the Author? 
How Automated Malware Attribution Engines Work"}]},{"@type":"WebSite","@id":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/#website","url":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/","name":"HITBSecConf2024 - Bangkok","description":"August 26 - 30 @ InterContinental","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-json\/wp\/v2\/session\/11266"}],"collection":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-json\/wp\/v2\/session"}],"about":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-json\/wp\/v2\/types\/session"}],"wp:attachment":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-json\/wp\/v2\/media?parent=11266"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}