All Posts
5
min read

Threatray at Bsides 2022, Binary code as a searchable IOC

Published on
September 25, 2022
Copy link
Share on LinkedIn
Share on X/Twitter
Share on Facebook

Key takeaways from our presentation @ Bsides Zurich by Carlos Rubio, our lead Malware Researcher and Jonas Wagner, co-founder and CTO.

Malicious binary code is frequently used in attacks and a highly valuable IOC

By making it searchable, you can leverage it in novel ways:

  • broad and resilient code-based signatures
  • that are easy to create
  • applicable back in time
  • discover fine-grained relations
  • Hunt through binary code the same way as you do through other types of data

Full presentation

More to explore…

Establishing the TigerRAT and TigerDownloader malware families

Recent research by Malwarebytes (April 2021), Kaspersky (June 2021) and the Korean CERT (September 2021), reports about attacks on South Korean entities, employing new techniques and malware not previously identified.

December 22, 2021

Linking and tracking UAC-0056 tooling through code reuse analysis

Multiple blogs have reported about recent activities and tooling of UAC-0056 (also known as Nodaria, SaintBear, TA471).

March 1, 2023

Introducing Mathias Fuchs as our esteemed Advisor

We're very pleased to announce that Mathias Fuchs has joined the Threatray team as an advisor!

April 23, 2024

Ready to find out how Threatray can protect your organization?

Talk to an expert