Find Out What We’ve Got Lined Up for #MVS2021
Our full agenda is available for you to view. Every presentation will also feature a Q&A and Discord activity — so be sure to join us live to get the most out of every session.
MVS21 AGENDA
Discover What You’ll Learn at MVS2021
RESULTS:
May
25
TYPE
Lecture
THEME
Computer
Corporate Investigations
TIME
09:00 EDT
Duck Hunt! Hunting Qakbot Malware with AXIOM
Aaron SparlingIn this Lecture:
This presentation will walk the you through the analysis of an actual Qakbot investigation. The presentation will start with the collection of physical memory and filesystem acquisition, pivot through the analysis process, thus eventually ending with identification and attribution. Aaron will illustrate how MAGNET AXIOM can be used to leverage malware investigations by utilizing the embedded volatility framework, connections, artifact analysis, and timeline features. By using these embedded features within the AXIOM analysis platform we will be able to illuminate the breach from beginning to end. Aaron will share lessons learned and highlight both those things which worked as well as things that could have been done better in the investigation. From this presentation, you will gain a complete understanding of how Qakbot infects the network, as well as how to hunt, identify, isolate and remediate the malware infection
Expand
May
25
TYPE
Lecture
THEME
Computer
Corporate Investigations
TIME
13:00 EDT
Duck Hunt! Hunting Qakbot Malware with AXIOM
Aaron SparlingIn this Lecture:
This presentation will walk the you through the analysis of an actual Qakbot investigation. The presentation will start with the collection of physical memory and filesystem acquisition, pivot through the analysis process, thus eventually ending with identification and attribution. Aaron will illustrate how MAGNET AXIOM can be used to leverage malware investigations by utilizing the embedded volatility framework, connections, artifact analysis, and timeline features. By using these embedded features within the AXIOM analysis platform we will be able to illuminate the breach from beginning to end. Aaron will share lessons learned and highlight both those things which worked as well as things that could have been done better in the investigation. From this presentation, you will gain a complete understanding of how Qakbot infects the network, as well as how to hunt, identify, isolate and remediate the malware infection
Expand
| Date | Details | Speaker | Session Type | Content Theme | Timezone |
|---|---|---|---|---|---|
|
May 25 |
Duck Hunt! Hunting Qakbot Malware with AXIOM |
Aaron Sparling |
Lecture |
Computer Corporate Investigations |
09:00 EDT |
|
In this Lecture: This presentation will walk the you through the analysis of an actual Qakbot investigation. The presentation will start with the collection of physical memory and filesystem acquisition, pivot through the analysis process, thus eventually ending with identification and attribution. Aaron will illustrate how MAGNET AXIOM can be used to leverage malware investigations by utilizing the embedded volatility framework, connections, artifact analysis, and timeline features. By using these embedded features within the AXIOM analysis platform we will be able to illuminate the breach from beginning to end. Aaron will share lessons learned and highlight both those things which worked as well as things that could have been done better in the investigation. From this presentation, you will gain a complete understanding of how Qakbot infects the network, as well as how to hunt, identify, isolate and remediate the malware infection
|
REGISTER NOW | ||||
|
May 25 |
Duck Hunt! Hunting Qakbot Malware with AXIOM |
Aaron Sparling |
Lecture |
Computer Corporate Investigations |
13:00 EDT |
|
In this Lecture: This presentation will walk the you through the analysis of an actual Qakbot investigation. The presentation will start with the collection of physical memory and filesystem acquisition, pivot through the analysis process, thus eventually ending with identification and attribution. Aaron will illustrate how MAGNET AXIOM can be used to leverage malware investigations by utilizing the embedded volatility framework, connections, artifact analysis, and timeline features. By using these embedded features within the AXIOM analysis platform we will be able to illuminate the breach from beginning to end. Aaron will share lessons learned and highlight both those things which worked as well as things that could have been done better in the investigation. From this presentation, you will gain a complete understanding of how Qakbot infects the network, as well as how to hunt, identify, isolate and remediate the malware infection
|
REGISTER NOW |
Note: Once you’ve registered for MVS21, you will be able to manage all your events via your MVS21 event hub.
Don’t Forget to Share!
Let the entire #DFIR community know that you’re making the most of #MVS2021 by sharing your thoughts and photos!
MVS MERCH
Get YOUR SUMMIT ON
We’re offering exclusive merch to help you get in the spirit of MVS! Check out what apparel we have available and remember that all profits go to Child Rescue Coalition.
Use code MVS2021 at checkout for 10% off!
