Malware often searches for specific artifacts as part of its
"anti-VM/analysis/sandbox/debugging" evasion mechanisms; we will use its
cleverness against it.
The "anti-honeypot" approach is a method to repel (instead of luring)
attackers, implemented by creating and modifying those artifacts on the
potential victim's machine.
Once the malware finds the created artifacts, it will terminate.
The session will include motivations for attackers to use evasion techniques,
some in-the-wild examples and effective countermeasures against them.
A short DIY vaccination live demo will be performed, including the execution
and prevention of live malware from recent cases (e.g. WannaCry,
NotPetya/EternalPetya).
The script used in the demo to vaccinate the potential victim will be uploaded to GitHub and publicly shared under CC-BY-SA.