Quick, Easy, Malware Investigations and Threat Hunting
BSides Austin 2024

This is my talk for BSides Austin 2024.

Malware Investigations

Why do internal malware analysis?
Existing tools: VirusTotal, Joe Sandbox, etc.
Protect sensitive information from 3rd parties.
Freedom from reliance on one tool or platform.

Malware is scary and dangerous, put in a box (container)

Malware is scary. Malware is dangerous. So it's best to analyze in a "contained" environment.
Virtual Machines
Containers (Docker, Podman, etc.)

Working with Malware Samples

Safely moving malware around to later analyze can be daunting.