THE HACKERS MEET-UP — February Event
“The Hackers Meet-up” is a monthly must-attend meet-up that features in the calendars of security researchers, hackers and professionals around the nation.
The event primarily brings together security researchers, hackers, business leaders and entrepreneurs, and also includes practitioners from academia, industry and government organizations, as well as students, to discuss the IT security challenges we face today and next-generation computer security issues.
This month’s meetup was on the topic of Malware Analysis and Reverse Engineering. The meetup was held at i-hub, KCG Campus, Navrangpura, Ahmedabad, from 10:00 am to 2:00 pm. Our honorable speakers were Mr. Swapnil Pandya and Mr. Nirav Parekh. A lot of attendees from different universities attended, with some professionals joining them.
Session one:
The meetup was hosted by our Documentation Team Leader, Aastha Thakker, who ensured that the sacrifice of a Sunday morning wouldn’t go to waste by engaging all the participants. The first session was taken by Mr. Swapnil Pandya.
Mr. Swapnil Pandya has 5–6 years of experience in the industry, including work with big giants like Morgan Stanley and Adani, and is currently with Liminal. He went on to discuss his own startup, Inferno Infosec LLP. He possesses vast expertise in web penetration testing, application penetration testing, and cyber forensics. The topic of his presentation was ‘STAY CALM & LET MALWARE DO ITS WORK!’. Mr. Pandya opened the event by explaining what malware is and giving a brief history, from its invention to the malware that has had the greatest impact to date.
The first part of the program was an insightful examination of the history of malware, including its beginnings and development over time. Malware, originating in the 1970s with viruses like Creeper, has evolved into a multifaceted threat landscape. Types include viruses, worms, Trojans, ransomware, spyware, and adware. Each variant targets systems differently, from replicating through files to stealthily gathering data or bombarding users with ads. This continual evolution underscores the ongoing challenge of cybersecurity, as cybercriminals adapt their tactics to exploit vulnerabilities and infiltrate digital ecosystems. The focus then turned to the essentials of malware analysis, with seven common methods:
· Static Analysis (Examining malware code and structure without execution)
· Dynamic Analysis (Running malware in a controlled environment to observe behavior)
· Behavioral Analysis (Observing malicious actions and their impact on the system)
· Code Reversing (Reverse engineering malware code to understand its logic)
· Memory Analysis (Analyzing malware interactions with system memory)
· Network Traffic Analysis (Monitoring network communications initiated by malware)
· YARA Rules (Using pattern-matching rules to identify known malware or characteristics)
Participants gained knowledge of the techniques and tools used to break down and comprehend dangerous code. In addition, participants took part in hands-on exercises where they saw Mr. Pandya executing malware in real time in a virtual machine to gain insight into its behavior. The speaker conducted a live demonstration featuring the famous WannaCry malware, vividly depicting its instantaneous impact on computer systems. Within seconds, the audience observed files being encrypted and ransom demands materializing on screen. The presentation served as a powerful reminder of how important strong cybersecurity defenses are in the face of changing threats. The speaker took questions from the audience, which sparked a lively discussion about malware analysis.
Session two:
The session was conducted by Mr. Nirav Parekh, who has 7+ years of total experience in cybersecurity. He works as a Senior Threat Researcher at Sophos, specializing in malware reversing, anti-spam and threat intelligence, and is an NFSU alumnus. He presented on the topic “Malware Analysis & Reversing”. In this session he provided a comprehensive overview of cybersecurity and information security, covering areas such as network security, encryption, threat intelligence, incident response, identity and access management, and protection against evolving threats. He also gave a detailed overview of the cyber-attack kill chain, which refers to the stages involved in a successful cyber-attack, from the initial planning and reconnaissance phase to the final stage of achieving the attacker’s objective. These stages typically include:
· Reconnaissance: Harvesting email addresses, conference information, etc.
· Weaponization: Coupling an exploit with a backdoor into a deliverable payload
· Delivery: Delivering the weaponized bundle to the victim via email, web, USB, etc.
· Exploitation: Exploiting a vulnerability to execute code on the victim's system
· Installation: Installing malware on the assets
· Command and Control (C2): Command channel for remote manipulation of the victim
· Actions on Objectives: With “Hands on Keyboard” access, intruders accomplish their original goals
He also gave an overview of Malware Analysis and Reverse Engineering, including how to set up a lab for network, static and dynamic analysis. The tools covered were:
· Disassemblers: IDA (Free), Ghidra, Radare
· Debuggers: x64dbg, OllyDbg, Immunity, WinDbg, dnSpy, ILSpy
· Decompilers: dotPeek .NET decompiler, Snowman (x64dbg plugin)
· Information Gathering Tools: CFF Explorer, PE Explorer, PeStudio, Procmon, Process Explorer, Process Hacker, API Monitor, INetSim, Wireshark, Fiddler, HxD, Exeinfo PE
He concluded with live malware analysis.
QUIZ
To enhance the interactive atmosphere of the session, an engaging online quiz was organized by Urmit Tajwala (Core Team Lead) and Mr. Prashant Bhavsar (Chapter Lead), adding an element of excitement and friendly competition to the event. Participants were challenged with ten thought-provoking questions related to cybersecurity, testing their knowledge and understanding of key concepts discussed during the meetup. The top three winners were announced, each rewarded with swag items as tokens of recognition for their impressive performance and dedication to learning.
Snacks And Networking
The conclusion of the meetup was marked by a heartwarming group photo, capturing the collective enthusiasm among attendees. Everyone gathered to celebrate the end of the event and to think back on the stimulating discussions and useful learning opportunities that had taken place during the session. To add a delightful touch, snacks were provided to all attendees. Participants networked with fellow attendees from different cybersecurity backgrounds and shared their common interests and aspirations in cybersecurity. It was evidence of the strong sense of community that prevailed at the meetup, where amateurs and experts gathered to share knowledge, collaborate, and establish important contacts for their next projects.
Official Communication accounts
Facebook page: https://www.facebook.com/HackersMeetup/
Twitter page: https://twitter.com/hackers_meetup
Instagram page: The Hackers Meetup (@thehackersmeetup)
LinkedIn page: The Hackers Meetup
Medium Profile: https://medium.com/@thehackersmeetup
Website: http://www.thehackersmeetup.com/
Written by: DEEPAK S RODGE