Are you a new incident responder, or do you want to break into the field? In the age of sandboxes, VirusTotal and other large-scale automated tools, the human element is often forgotten. Combining deductive reasoning and simple static file analysis, this session will help you determine whether or not a file could be malicious without debugging or disassembling it.
Come along as we introduce you to the world of malware and some basic tools at everyone's disposal. You'll learn about basic concepts and phenotypes of malware, common vectors and why the simplest factors often work. We'll touch on common locations, timestomping, common registry keys and malware beyond the world of Windows. You'll learn why tools are great but humans are essential. We'll show you some common sandbox flaws and add some real stories from the field and lessons learned.