Banking Trojan Deep Dive: Exposing Obfuscation and Anti-Analysis Measures for Improved Detection Using Gootkit

Webinar Registration

Banking trojans have been around for over a decade, posing as legitimate software while actually collecting banking and online credentials, and have evolved to collect browser-stored credentials, cookies (to bypass MFA), and even files and email from the infected endpoint. These powerful pieces of malware are designed to steal every last bit of information threat actors find valuable and could be modified for literally any purpose to meet the specific needs of an attack.

Gootkit has been around since 2014, but it saw a surge in use in 2020, and in 2021 its multi-stage distribution platform was expanded to deliver additional exploits, malware, and threats. This makes Gootkit the perfect example of a modern banking trojan to examine.

In this Real Training for Free session, join Microsoft MVP Nick Cavalancia as he discusses:

  • An overview of the evolution of banking trojans
  • Gootkit’s recent initial attack vectors
  • Pertinent attacks
  • Current threat capabilities

Nick will be joined by Reese Lewis, Detection & Response Analyst from Rapid7, who will provide a live analysis of Gootkit’s more recent updates and evolution, including:

  • A demo of each of the malware’s deployment stages
  • An explanation of how the code executes and what anti-analysis measures are used
  • A demonstration of multiple Gootkit samples to show the evolution of anti-analysis techniques over time
  • A discussion around detection at all stages to ensure the malware can be stopped even as it evolves

This Real Training for Free event will be jam-packed with technical detail and real-world application. Register today!
