Patrick Kuo
Senior Threat Researcher
TXOne Networks

Patrick Kuo currently works at TXOne Networks in vulnerability research and technical development. His main responsibilities include analyzing network traffic and malicious programs, and developing Hunting Systems, Hunting Agents, and Threat Atlas to obtain the most up-to-date attack intelligence. In addition, he has spoken at BlackHat Europe, FIRST, CYBERSEC, and HITCON.

SPEECH
5/16 (Thu.) 16:30 - 17:00 1F 1A Threat Research Forum
Some things about the Downloader Scripts of the 2nd Stage Malware

In the ever-expanding global cyberspace, malicious activities coerce users into downloading harmful files from specific URLs, posing severe threats. Our research introduces an automated crawler agent as a countermeasure. It systematically analyzes malicious payloads captured by our threat hunting system, extracting vital intelligence on Command and Control (C&C) servers. Identified malicious files are efficiently downloaded for thorough scrutiny. The crawler agent has unveiled elusive files targeting diverse system architectures, surpassing traditional network payload analysis. Our integrated pipeline streamlines download and analysis, revealing specific network attack patterns in real time. This proactive approach empowers us to comprehend the latest malicious files within evolving network attack behaviors, enhancing cybersecurity against emerging threats.