Version alpha

lecture: Cloudy With a Chance of Malware

Analyzing the Links Between KASPERAGENT and Cloudy Malware

Event large

In 2017, KASPERAGENT and a malware we’re calling Cloudy were identified emanating from threat actors operating in the Middle East and possibly targeting individuals in the Palestinian Territories. The threat actors used decoy documents with Palestinian Authority letterhead and a unique dropper to deliver the malware. In this presentation we’ll discuss these two malware variants and potential connections between the two, focusing specifically on analytical techniques researchers and security personnel can use to analyze this and similar activity in the future.


Day: 2018-06-15
Start time: 11:30
Duration: 00:30
Room: Grand salon
Track: Malware Reverse Engineering



Concurrent Events