Contest Description:
In MARC I (Malware Analysis Report Competition I), participants collect and analyze real malware, then write an analysis report like a story, covering the entire scope of who, what, when, where, why, and how they found and analyzed the malware.
MARC I was created by Lena Yu (aka LambdaMamba) to provide malware enthusiasts with an opportunity to learn and showcase their passion and skills. Mastering malware analysis means mastering language. Essentially, we take a highly technical concept and simplify it into something that many can understand, similar to how a compiler translates high-level language into low-level language that a wide range of systems can understand.
When participants open-source and publish their work, it greatly contributes to improving the field of cyber defense. Let's make malware analysis knowledge go viral!
Overview of the competition:
- There will be 2 categories of participation: competitive and casual.
- The reports of the competitive participants will be evaluated and will be eligible for prizes.
- The reports of the casual participants will not be evaluated; it is more of a learning experience.
- Participants will receive special swag!
- MARC I @ DEF CON 32 is an on-site only event.
Competitive:
- Preparation before DEFCON:
  - Please first sign up using this form: https://forms.gle/GJs9VCgMYtHEVwJU9
  - The "family" of malware will be announced on Aug 1 at 23:59 PDT.
  - Find real malware in this "family" in the wild.
  - Bring the malware to DEFCON.
- During DEFCON:
  - Please do not prepare a report in advance of DEFCON.
  - The "writing theme" will be announced on Aug 9 at 11:00 PDT at DEFCON.
  - Analyze and write a report using that "writing theme" from Aug 9 (Friday) 11:00 to Aug 10 (Saturday) 18:00 PDT.
  - The report deadline is Aug 10 at 18:00 PDT.
Casual:
- Preparation before DEFCON:
  - Please first sign up using this form.
  - No preparation is required; you can also sign up on the spot.
- During DEFCON:
  - Receive a random malware from the organizers, or find your own.
  - Analyze the malware and write a report.
  - More of a learning experience.
Schedule:
- Sign-up form deadline: July 26 at 23:59 PDT (Deadline is for competitive, but not for casual).
- Announce Family of Malware: Aug 1 at 23:59 PDT.
- Registration: Aug 9 (Friday) 10:00 ~ 11:00 PDT.
- Analysis and Report writing: Aug 9 (Friday) 11:00 to Aug 10 (Saturday) 18:00 PDT.
- Closing Ceremony: Aug 11 (Sunday) 11:00 ~ 12:00 PDT.
*The DEFCON venue is open from 10:00 to 18:00 PDT on Aug 9 and Aug 10.
*If participants would like to work on their analysis outside of this time, please do it elsewhere.
General Rules:
- Please do not abuse the knowledge and resources from this competition.
- Please do not distribute the malware samples for commercial or malicious use.
- Please do not execute the malware samples in an environment that is not intended for malware analysis. This includes devices with sensitive data, devices connected to a real network, etc.
- Please use an isolated and sandboxed environment intended for malware analysis.
- Please carefully read and agree to the T&C, stated in this sign-up form.
Rules for Competitive:
- The report should comprehensively cover who, what, when, where, why, and how the malware was found and analyzed.
- Team of 1 to 3 people.
- You must verify your identity at DEFCON.
- You must publish your write-up.
- Please write on Google Docs, so we know who wrote which part.
- You must submit the report in PDF format for evaluation.
- Under 1000 words in English.
- Include screenshots.
- Please defang malicious links, redact private information, etc.
- You may not receive help from people outside your team.
- Cite all sources; plagiarism will be punished.
- The report will be evaluated based on various categories by a team of experts and the community:
  - Novelty or relevance
  - Availability of a detailed description with examples and screenshots
  - Methodologies used
  - Report detailing
  - Coverage
  - Originality
Our X: @DigitalPlagueDr
DEF CON website: DEFCON Malware Competition
If you have any questions, please email: digitalplaguedoctors@gmail.com
Please check our X and Forum regularly, as we will be posting updates there.
MARC I Sign-up Form: https://forms.gle/GJs9VCgMYtHEVwJU9