BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//hack-lu-2023//speaker//EFXL9W
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-hack-lu-2023-RGZCBL@pretalx.com
DTSTART;TZID=CET:20231016T173000
DTEND;TZID=CET:20231016T175000
DESCRIPTION:Research in the field of bypassing AV solutions and the role of
  cryptography in malware development. Application of classical
  cryptographic algorithms for payload and C2 communication encryption.
  Practical research has been carried out: the results of using
  Skipjack\, TEA\, Madryga\, RC5\, A5/1\, Z85\, DES\, MMB\, Kuznechik\,
  etc. encryption algorithms have been analysed. The application of
  cryptography based on elliptic curves is also being researched. How
  does all this affect the VirusTotal detection score and how
  applicable is it for bypassing AV solutions (AV bypass)? In some
  researched practical cases\, we get FUD malware.\nBypass AV
  Kaspersky\, Windows Defender\, ESET NOD32 in some practical
  cases.\nReverse engineering and code reconstruction with malware
  development tricks from ransomware and malware like Conti\,
  Snowyamber\, Paradise Ransomware\, CopyKittens\, etc. Discover new
  tricks from Russian APT29-related malware.
DTSTAMP:20260420T123424Z
LOCATION:Salle Europe
SUMMARY:Malware AV evasion tricks. Cryptography in malware - cocomelonc
URL:https://pretalx.com/hack-lu-2023/talk/RGZCBL/
END:VEVENT
END:VCALENDAR
