MA-01 — Emerging Malware Analysis News/Intel
Malware written in Go (Golang)
Go-based malware has been observed spiking since the beginning of 2019 and poses a significant challenge even to experienced malware analysts. Over 53 malware families are known to use the language, which is highly flexible. Read about it here: https://unit42.paloaltonetworks.com/the-gopher-in-the-room-analysis-of-golang-malware-in-the-wild/
Static Analysis in REMnux
Malwology wrote this article (he’s a SANS610 instructor). He covers some very good Python-based tools for statically analysing PEs, some of which may seem unconventional compared to your current arsenal of tools. He also covers a useful piece on extracting embedded executables from the ‘Overlay’ section of Portable Executables, using a PE carving tool in REMnux.
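As an added illustration of what overlay carving does (this is not code from Malwology's article or from any REMnux tool), the overlay is whatever follows the raw data of the last section, and a carver scans that region for further MZ/PE headers. `build_minimal_pe` is a constructed, non-loadable PE skeleton used only as sample input.

```python
import struct

def overlay_offset(data: bytes) -> int:
    """Return the file offset where the overlay starts: the end of the last section's raw data."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    pe = struct.unpack_from("<I", data, 0x3C)[0]            # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    nsections = struct.unpack_from("<H", data, pe + 6)[0]   # COFF NumberOfSections
    opt_size = struct.unpack_from("<H", data, pe + 20)[0]   # COFF SizeOfOptionalHeader
    table = pe + 24 + opt_size                              # first IMAGE_SECTION_HEADER
    end = table + 40 * nsections                            # headers themselves count as content
    for i in range(nsections):
        raw_size, raw_ptr = struct.unpack_from("<II", data, table + 40 * i + 16)
        end = max(end, raw_ptr + raw_size)
    return min(end, len(data))                              # truncated files have no overlay

def carve_overlay(data: bytes):
    """Return (overlay bytes, offsets within the overlay of embedded MZ headers that point at a valid PE signature)."""
    ov = data[overlay_offset(data):]
    hits = []
    pos = ov.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(ov):
            lfanew = struct.unpack_from("<I", ov, pos + 0x3C)[0]
            if ov[pos + lfanew:pos + lfanew + 4] == b"PE\0\0":
                hits.append(pos)
        pos = ov.find(b"MZ", pos + 1)
    return ov, hits

def build_minimal_pe(payload: bytes, overlay: bytes = b"") -> bytes:
    """Constructed sample input: DOS header, COFF header with no optional header, one section, then overlay."""
    pe_off, raw_ptr = 0x40, 0x200
    hdr = bytearray(b"MZ" + b"\0" * 0x3A + struct.pack("<I", pe_off))
    # Machine=i386, NumberOfSections=1, SizeOfOptionalHeader=0, Characteristics=EXECUTABLE|32BIT
    hdr += b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0, 0x102)
    # Section header: VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData, ..., Characteristics
    hdr += b".text\0\0\0" + struct.pack("<IIIIIIHHI", len(payload), 0x1000, len(payload), raw_ptr, 0, 0, 0, 0, 0x60000020)
    hdr += b"\0" * (raw_ptr - len(hdr))
    return bytes(hdr) + payload + overlay

if __name__ == "__main__":
    inner = build_minimal_pe(b"B" * 16)
    outer = build_minimal_pe(b"A" * 32, overlay=b"junk" + inner)
    ov, hits = carve_overlay(outer)
    print(f"overlay starts at {overlay_offset(outer):#x}, embedded PE headers at {hits}")
```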
APT scanning tool
A tool created by Intezer, packed with YARA rules derived from analysis of 3.5 million pieces of code shared between Russian APT samples.