Authors: Erika Noerenberg (Carbon Black)

DFRWS USA 2019

Abstract

Sunday, July 14, 2019 15:15-17:15

In this workshop, we will explore the newly released NSA reverse engineering platform Ghidra and get our feet wet performing basic analysis on a real-world malware sample. We will cover installation and setup, project creation, features and shortcuts, and decompilation. After covering the basics, we will perform code analysis on a representative sample of malware, walking through the reverse engineering process together on the Ghidra platform. Installation requirements will be provided before the class.

Speaker Bio

Erika Noerenberg is a Senior Threat Researcher with Carbon Black’s Threat Analysis Unit, with over 15 years of experience in the security industry specializing in digital forensics, malware analysis, and software development. Previously, she worked as a malware analyst at LogRhythm Labs and as a forensic analyst and reverse engineer for the Defense Cyber Crime Center (DC3), performing system and malware examinations in support of intrusion investigations for the Department of Defense and FBI.
