resetti
Malware analyst, penetration tester, aspiring exploit developer.
I also love threat intelligence.
Session
Getting a new malware sample can feel overwhelming: there’s so much you could do, but where should you start? In this talk, I’ll share the simple workflow I use when I first encounter a fresh sample. We’ll begin with a quick sandbox run to see high-level behavior, then move into static analysis to spot strings, imports, and obfuscation tricks. I’ll finish with dynamic analysis and persistence, showing how the pieces fit together to reveal what the malware is doing. Using a real-world example from my blog, I’ll highlight the free tools I rely on and explain why I choose them at each stage. The goal is to make malware analysis less intimidating, show that anyone can begin safely, and give you enough resources and confidence to try your own analysis.
