Malboxes: Make Malware Analysis More Accessible

October 2, 2018

Olivier Bilodeau

Malware is everywhere. Every organization has been infected by malware to some extent. Yet most don’t have the expertise on staff to know whether they are being targeted or have been hit by mass-spreading malware. Knowing the difference is vital for a proper response plan. This is where Malboxes comes in. It is a tool that builds “ready to infect” Windows virtual machines, and it was created to make malware analysis more accessible. That said, because it is built on top of Packer and Vagrant and leverages Chocolatey, Malboxes opens a world of possibilities for more mature malware analysis teams. Attendees will learn simple tools and safe malware analysis principles that are easy to grasp, enabling them to start doing malware analysis themselves. Seasoned malware researchers will also gain from this talk by seeing how the DevOps principles applied by Malboxes can simplify and accelerate their labs’ malware reverse-engineering capacity. As malware makes more of an effort to evade proprietary sandboxes, having a tool like Malboxes, which enables you to dynamically evaluate suspicious files yourself, is definitely a big plus.