10 Years of Large-Scale Malware Comparison: Going Deeper With Machoke YouTube video by botconf eu

I'm glad to share my talk at @botconf.infosec.exchange.ap.brid.gy 2025!
Do you want to know how we compare a sample with 150k others in seconds on @exalyze.bsky.social? This talk is made for you🚀
At the end, you'll get a hint on what's coming next for Exalyze 😉
youtube.com/watch?v=TS8X...
exalyze.io

I wanted to know how WMI Win32_OperatingSystem.Caption get the correct Version number (ex: "Microsoft Windows 11 Pro").

Turns out it's a DLL export: winbrand!BrandingLoadString.
And there is a patent for that : patentimages.storage.googleapis.com/94/ab/cb/7c1...

A companion blog to my Bluehat 2024 presentation on OleView.NET is up now. googleprojectzero.blogspot.com/2024/12/wind...

3+ YEARS of stealth! We uncovered new tactics used by the perfctl malware, including a userland rootkit & an SSH backdoor (a single SPACE in /etc/passwd!). More insights: blog.exatrack.com/Perfctl-usin... #cybersecurity #threat_hunting #linux #infosec #perfctl #rootkit #ssh #exatrack