--[ Not on My Box: Low-Cost, High-Yield Techniques and Services for Ransomware Analysis Within Sandboxed Environments

Personal
$ getent passwd jfernández
.
├─── name: José Fernández
├──── org: CompSec Direct
└─ social:
   ├─ twitter: @compsecdirect
   └─ twitter: @jfersec

Experience

José Fernández is the President and owner of CompSec Direct. He is an InfoSec researcher with over 20 years of experience in the IT field. José specializes in InfoSec research by applying offensive methodologies towards practical defensive measures. José's background in CNO, CND and engineering has allowed him to work in some of the most technically demanding environments throughout his career in both the private and public sectors.

Abstract

As more ransomware samples become socialized, there comes the realization that threat actors associated with ransomware groups inevitably take TTPs from past efforts and implement some of the technical and operational aspects into new projects through re-use and re-tooling. This presentation will cover a ransomware campaign that was analyzed in 2020 and how we utilized simple-to-use techniques and services to identify interesting aspects that made this campaign stand out from others. Participants will be able to help reduce analysis time through exposure to and familiarization with the techniques and services presented in this talk, with the goal of helping augment the mission readiness of all participants and their awareness of existing ransomware threats.