Original title: Analysis and Detection of PWS Malware
Authors: Blažek, Jan ; Křoustek, Jakub ; Dzurenda, Petr
Document type: Papers
Language: eng
Publisher: Vysoké učení technické v Brně, Fakulta elektrotechniky a komunikačních technologií
Abstract: Cyberdefense became important, especially duringthe last decade. The rapid growth of information technologiescaused a significant increase in cyber attacks and threats onthe Internet. Malware analysis forms a critical component ofcyberdefense mechanisms. In this article, we study the issue ofmalicious code and its various types, with a specific focus on thetype known as PassWord Stealers (PWS). To do so, we deployedseveral methods of analyzing binary executable code, such asstatic and dynamic analysis, and sandboxing. We analyze 11recently discovered malware families. From that, we discovered3 new strains of malware, namely SevenStealer, NeedleDropper,and AtlantidaStealer. Furthermore, we have created appropriatedetection rules for all of these malware, which have improvedthe detection capabilities of Avast anti-virus (AV) softwareworldwide. At the end of this article, we present the resultingdata illustrating the spread of analyzed malware in the user baseof the Avast company.
Keywords: Dynamic Analysis,Cyber Defence; Info Stealer; Malware; Password Stealer; ReverseEngineering; Static Analysis; YARA
Host item entry: Proceedings II of the 29st Conference STUDENT EEICT 2023: Selected papers, ISBN 978-80-214-6154-3, ISSN 2788-1334

Institution: Brno University of Technology (web)
Document availability information: Fulltext is available in the Brno University of Technology Digital Library.
Original record: http://hdl.handle.net/11012/210656

Permalink: http://www.nusl.cz/ntk/nusl-531762

The record appears in these collections:
Universities and colleges > Public universities > Brno University of Technology
Conference materials > Papers
 Record created 2023-07-23, last modified 2023-08-06

No fulltext
  • Export as DC, NUŠL, RIS
  • Share