Reverse Engineering Intern
Department: Mandiant/FLARE
My experience
Overview
I reverse engineer ransomware through tickets on the queue. I analyzed the REvil payload in the Kaseya ransomware incident and wrote an analysis blog on it for the company to publish.
Pros
Super chill team, super fun work
Cons
None
Would recommend it to people who...
are into assembly code and malware
Impact of work
Time spent working
How did working remote affect your experience?
Being remote doesn't affect the experience cause I have a remote team.
Interview advice
How did you find the job / apply?
Interview Rounds
Interview type
Interview questions
1. Here is a piece of assembly code. What is it doing? (medium)
2. If you had to write a program to launch shellcode, how would you write it? (Hard)
3. How do you recognize Base64 encoding? (Easy)
4. Given a piece of malware, how would you begin analyzing it? Walk through all the steps (Hard)
6. Explain RunPE-Process Hollowing (medium)
7. Have you written malware? If so, what did you write? In what language? Can you provide the pros and cons of writing malware in those languages? (easy)
8. What is binary similarity? How is it used in malware analysis? (medium)
Advice on how to prepare
It is helpful to know how to read and write assembly code. Knowledge of malware internals also helps.