Sick Anti Forensics Mechanisms in the Wild
by SANS Digital Forensics

For those in the trenches of enterprise defense, it appears malware authors have of late been taking sick pleasure in equipping their end products with sophisticated self-defense and evasion capabilities. From “environmentally-aware” binaries to malware that defeats image acquisition, attackers are becoming increasingly adept at evading analysis. This presentation explores several of these anti-forensics techniques, preparing attendees for what they are likely to encounter with increasing frequency: malware that fights back.

Published 02 March 2015