Malware Analysis Kampung | SINCON 2025

SINCON 2025 Malware Analysis Kampung provides a safe and engaging environment for participants to learn and share knowledge about malware analysis. The mission of the Kampung is to equip participants with the skills, techniques, and experience needed to understand, research, and combat malware.

Beyond technical training, the Malware Analysis Kampung fosters a strong community where researchers, enthusiasts, and professionals can connect. We welcome everyone — whether you are an artist creating malware-inspired art, hardware researcher discovering unexpected connections to malware analysis, or a seasoned analyst reminiscing about early malware history. Even youth can explore malware through Malmons (Malware Monsters), making cybersecurity education more accessible.

At its core, the Malware Analysis Kampung is about uniting people — newcomers and experts alike — with a shared mission: understanding, analysing, and defending against malware to protect societies.

What to Expect at SINCON 2025 Malware Analysis Kampung?

MARC I: Malware Analysis Report Competition

Participants will get to analyse real malware in USBs, then submit their answer covering what they found from the malware sample provided. Participants are required to find out the characteristics and behaviours of the malware sample e.g., its payload, persistence method, encryption, C2 server, data exfiltration, etc. Additional points will be given to participants if they manage to do a writeup of the malware analysed in a story format, explaining the malware in a way even 5 year olds can understand.

BOMBE: Battle of Malware Bypasss and EDR

Choose our character!

• If you choose to be a EDR developer, your mission to detect, and report suspicious activities on malaware specially crafted by the Malware Analysis Kampung.

• If you opt to be a malware created, you will work on bypassing the Kampung's EDR defences to exfiltrate credentials and send them to a designated server.

Each challenge is a head-to-head match, with the players competing against the Kampung's customised malware or EDR inside a single VM environment.

Come Prepared!

Participants need to bring their own laptops for either of the contests. For MARC I, participants should install disassembler, decompiler or debugger to analyse the mawlare. For BOMBE, the content runs on Windows x64 platform, so it is recommended to set up the appropriate environment beforehand.