The talk builds upon our previous talk, 'Triaging Suspicious Artifacts'. We dive deeper into a suspicious artifact learning as much as we can about its capability, purpose, and origin. We will demonstrate how the output from our analysis serves as input into threat intelligence and threat hunts.

Ttheveii0x specializes in malware analysis, cyber threat intelligence and threat hunting. He has extensive experience with malware analysis, binary reverse engineering, Linux, Unix, and Windows operating systems, software development, application security, digital forensics and incident response. Ttheveii0x is deeply involved in the infosec/hacker community as both a leader and organizer of several security groups. Ttheveii0x is a Director of Blue Team Village, which has been part of DEF CON and other security conferences since 2018. He also leads the DC215 security community and is one of the organizers of WOPR Summit. Ttheveii0x enjoys creating capture the flag exercises, training, and mentoring in the information security community. Ttheveii0x works to develop cybersecurity training that is released to the public in the interest of developing new cybersecurity talent and training current practitioners.

Jonas Eichinger currently works as a Sr. Consultant for Security Risk Advisors. His focus is Digital Forensics & Incident Response, malware reverse engineering, defensive tool development, and cloud security. Any time not spent taking apart payloads, investigating security incidents, or knowledge sharing is divvied up between fermenting cabbage, collecting vintage computers, and fixing old Volvo station wagons. Those are normal hobbies, right… right?