MA-01 — Emerging Malware Analysis News/Intel

Malware written in GoLang

Go (GoLang) based malware has spiked since the beginning of 2019 and poses a real challenge even to experienced malware analysts. There are over 53 known malware families using this language, and it is very flexible. Read about it here:

Static Analysis in REMnux

Malwology wrote this article (he is a SANS FOR610 instructor). He covers some very good Python-based tools for statically analysing PEs, some of which may be unfamiliar compared with the usual arsenal of tools. He also covers a nice piece on extracting executables embedded in the 'Overlay' section of Portable Executables, using a PE carving tool in REMnux.
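To make the overlay-carving idea concrete, here is an added example (not code from the Malwology article or from REMnux's carving tool). The overlay is whatever data sits after the end of the last section's raw data, so the script parses the COFF and section headers to compute that boundary, treats the remainder as overlay, and scans it for embedded PE images, bounding each carved file with the same header parse. The sample PEs are constructed in-line as minimal, non-executable stubs; the names parse_pe, get_overlay, carve_embedded_pes and build_pe are chosen here for illustration.

```python
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Added example (not the article's or REMnux's code): locate a PE's overlay and
# carve embedded PE images out of it. All sample PEs below are constructed
# in-line as minimal, non-executable stubs.

@dataclass
class PEInfo:
    e_lfanew: int          # offset of the "PE\0\0" signature
    num_sections: int
    overlay_offset: int    # end of the last section's raw data = start of overlay


def parse_pe(data: bytes, base: int = 0) -> Optional[PEInfo]:
    """Parse just enough of the PE header at data[base:] to locate the overlay."""
    if data[base:base + 2] != b"MZ" or len(data) < base + 0x40:
        return None
    e_lfanew = struct.unpack_from("<I", data, base + 0x3C)[0]
    pe = base + e_lfanew
    if pe + 24 > len(data) or data[pe:pe + 4] != b"PE\0\0":
        return None
    num_sections = struct.unpack_from("<H", data, pe + 6)[0]
    size_opt = struct.unpack_from("<H", data, pe + 20)[0]
    sect_table = pe + 24 + size_opt
    end = sect_table + 40 * num_sections            # headers are part of the image too
    for i in range(num_sections):
        hdr = sect_table + 40 * i
        if hdr + 40 > len(data):
            return None                             # truncated section table
        size_raw, ptr_raw = struct.unpack_from("<II", data, hdr + 16)
        end = max(end, base + ptr_raw + size_raw)   # PointerToRawData is file-relative
    return PEInfo(e_lfanew, num_sections, end - base)


def get_overlay(data: bytes) -> bytes:
    """Return the bytes appended after the last section (empty if there is no overlay)."""
    info = parse_pe(data)
    if info is None:
        raise ValueError("not a PE file")
    return data[info.overlay_offset:]


def carve_embedded_pes(blob: bytes) -> List[Tuple[int, bytes]]:
    """Find every 'MZ' that heads a valid PE and carve it using its own section table."""
    found = []
    pos = blob.find(b"MZ")
    while pos != -1:
        info = parse_pe(blob, pos)
        if info is None:                            # stray 'MZ' bytes, keep scanning
            pos = blob.find(b"MZ", pos + 1)
            continue
        end = min(pos + info.overlay_offset, len(blob))   # clamp truncated payloads
        found.append((pos, blob[pos:end]))
        pos = blob.find(b"MZ", end)
    return found


def build_pe(sections: List[Tuple[bytes, bytes]], overlay: bytes = b"") -> bytes:
    """Construct a minimal PE32 stub (valid headers, not runnable) with 0x200 file alignment."""
    align, size_opt = 0x200, 0xE0
    n = len(sections)
    hdr_end = 0x40 + 24 + size_opt + 40 * n
    ptr = -(-hdr_end // align) * align              # first section at the next alignment boundary
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)       # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, n, 0, 0, 0, size_opt, 0x102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (size_opt - 2)         # PE32 magic, rest zeroed
    sect_hdrs, body = b"", b""
    for name, raw in sections:
        size_raw = -(-len(raw) // align) * align
        sect_hdrs += name.ljust(8, b"\0") + struct.pack(
            "<IIIIIIHHI", len(raw), ptr, size_raw, ptr, 0, 0, 0, 0, 0x60000020)
        body += raw.ljust(size_raw, b"\0")
        ptr += size_raw
    header = (dos + coff + opt + sect_hdrs).ljust(-(-hdr_end // align) * align, b"\0")
    return header + body + overlay


# Constructed samples: a stub "dropper" whose overlay hides a second stub PE.
EMBEDDED = build_pe([(b".text", b"\xCC" * 64)])
HOST = build_pe([(b".text", b"\x90" * 300), (b".data", b"A" * 100)],
                overlay=b"junk-data-" + EMBEDDED + b"trailing")

if __name__ == "__main__":
    overlay = get_overlay(HOST)
    print(f"overlay starts at {parse_pe(HOST).overlay_offset:#x}, {len(overlay)} bytes")
    for off, image in carve_embedded_pes(overlay):
        print(f"embedded PE at overlay offset {off}, {len(image)} bytes")
```

Two details matter in practice: the overlay boundary is taken from the section table, not from SizeOfImage, because the latter describes memory layout rather than the file; and each embedded image is bounded by its own section table, so a carved file ends where its last section ends rather than running on to the end of the host. A real carver would additionally check for sections that point past the end of the file, which usually means a truncated or deliberately malformed header.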

APT scanning tool

A tool created by Intezer, packed with YARA rules derived from an analysis of 3.5 million pieces of code shared between Russian APT samples.

Intezer — Mapping the connections inside Russia's APT Ecosystem

Malware Analysis — State Of Malware by MalwareBytes

SANS FOR610 WebCast — State Of Malware — Recorded Sept 2019

FireEye’s new tool — StringSifter (Released 08/09/2019)

Analysing a malicious spreadsheet dropping a DLL

Primer on VBA Macros — Parsing and De-obfuscation
