Tracking Samples on a Budget

Botconf 2019
2023-04-24 | 12:15 – 12:35

Alexandre Holzer 🗣

I would like to present a feedback on my own experience developing and running a malware tracker (feeds, development choices, architectures, methodologies, crawling heuristics, data pivots, special cases, deception and results) to make a collection from open source data and almost for free. At the time I was student in computer security. 2 years ago, I got interested in learning how to find fresh malware samples in the wild and how to analyze them. I discovered some existing malware samples and C2 trackers like Cybercrime, Malc0de or Malekal which gave me some inspiration. Apart from the fact that it seems to be a French specialty, I have been very interested in learning to understand how they can work and to develop mine. This project is about finding URL spreading malicious files, filtering samples with specific features, process it over multiple analyzers and store it.

Slides Icon

Scroll to Top