Explore advanced malware emulation techniques in this conference talk from OSDFCon 2019. Dive into Binee, a new Windows Process emulator that creates a nearly identical Windows process memory model, mimics the OS kernel, and outputs detailed function call descriptions. Learn how Binee collects dynamic analysis data at speeds comparable to static analysis tools, including obfuscated or packed function calls. Discover the debug mode resembling gdb, allowing for breaking, memory and register modifications, and function parameter adjustments. Understand Binee's potential as a framework for future projects, including ELF and Mach-O binary support. Gain insights into rapid examination of control flow and function arguments, valuable for reverse engineers and vulnerability researchers. Follow the speaker's journey through overcoming challenges in PE emulation, implementing hook tables, parsing ApiSet abstraction layers, and creating mock file systems and registry subsystems. Explore the process of implementing missing hooks and increasing emulation fidelity for comprehensive malware analysis. Read more