Solarmarker, Part II: A Security Analyst’s Perspective and Live Analysis on Threat Actions Taken

Webinar Registration

There is no better way to strengthen a security strategy than by understanding the specific methods and tactics used by cybercriminals. It’s from studying these that we gain better perspective on the kinds of solutions and security measures necessary to protect the organization.

In a previous webcast, we heard from Willow Shipperley – Associate Detection & Response Analyst from Rapid7 who covered Solarmarker’s anti-analysis methods and persistence mechanisms used to obtain and construct its’ payload, demonstrating the evolution of the malware.

Continuing on the momentum from that webcast, we’ll be taking a look at the last half of the Solarmarker malware attack.

Up first, Microsoft MVP, Nick Cavalancia takes my seat and discusses:

  • The current use of banking trojans like Solarmarker
  • The type and value of the information stolen
  • How these latter-stage attack methods align with MITRE

Next up, you’ll hear from Adam Boretos – Detection & Response Analyst from Rapid7. Adam will focus in on Solarmarker’s C2 communications, using a live modified version of the Solarmarker DLL in a debugger and running it through the TOR network to the C2 to see command being sent to the dropper.

Adam will then turn the focus to the Jupyter Infostealer module within Solarmarker, providing a real-world look at:

  • How Jupyter attempts to steal credentials stored within the browser
  • How it exfiltrates browser data over the C2 communications channel

This real training for free event will be jam packed with technical detail and real-world application. Register today!

First Name:   
Last Name:   
Work Email:  
Phone:  
Job Title:  
Organization:  
Country:    
State:  
 

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor.

 

 

Additional Resources