MA-01 — Emerging Malware Analysis News/Intel

https://dribbble.com/shots/785543-IE-legacy-warning

Malware written in GoLang

Go-based malware has spiked since the beginning of 2019 and poses a serious challenge even to experienced malware analysts: the language is very flexible, and over 53 malware families are known to use it. Read about it here: https://unit42.paloaltonetworks.com/the-gopher-in-the-room-analysis-of-golang-malware-in-the-wild/

Static Analysis in REMnux

Malwology wrote this article (he is a SANS FOR610 instructor). He covers some very good Python-based tools for statically analysing PEs, some of which may seem unconventional compared to your current arsenal of tools. He also covers a useful technique for extracting embedded executables from the overlay of a Portable Executable (the data appended after the last section), using a PE carving tool in REMnux.

https://malwology.com/2016/02/09/remnux-v6-for-malware-analysis-part-2-static-file-analysis/
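The overlay carving described above, as an added example that is not Malwology's article or any REMnux tool: the overlay begins where the highest PointerToRawData + SizeOfRawData in the section table ends, and anything after that offset is a candidate for hidden payloads. The script computes that offset from the PE headers, then scans the overlay for `MZ` headers whose `e_lfanew` lands on a valid `PE\0\0` signature. The sample PE it analyses is constructed in memory by `build_minimal_pe` (a header skeleton, not a runnable program) so the script runs offline.

```python
import struct

SECTION_HEADER_SIZE = 40  # sizeof(IMAGE_SECTION_HEADER)


def overlay_offset(data: bytes) -> int:
    """Return the file offset where the overlay starts.

    The overlay is everything after the last byte of raw section data, so we
    walk the section table and take the highest PointerToRawData + SizeOfRawData.
    """
    if data[:2] != b"MZ" or len(data) < 0x40:
        raise ValueError("not a PE file: missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: bad PE signature")
    coff = e_lfanew + 4  # IMAGE_FILE_HEADER follows the signature
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
    section_table = coff + 20 + size_of_optional
    end = section_table + SECTION_HEADER_SIZE * num_sections
    for i in range(num_sections):
        hdr = section_table + SECTION_HEADER_SIZE * i
        # SizeOfRawData and PointerToRawData sit at +16 and +20 in the header
        size_raw, ptr_raw = struct.unpack_from("<II", data, hdr + 16)
        end = max(end, ptr_raw + size_raw)
    return min(end, len(data))


def carve_embedded_pes(overlay: bytes):
    """Find PE files embedded in an overlay blob.

    Every 'MZ' is a candidate; it is accepted only if its own headers parse and
    its e_lfanew points at a 'PE\\0\\0' signature inside the blob. Returns a list
    of (offset, bytes); the carved length is the candidate's end-of-sections
    offset, so trailing junk after the embedded file is not included.
    """
    found = []
    pos = 0
    while True:
        mz = overlay.find(b"MZ", pos)
        if mz < 0:
            break
        pos = mz + 2
        candidate = overlay[mz:]
        try:
            length = overlay_offset(candidate)
        except (ValueError, struct.error):  # truncated or not really a PE
            continue
        found.append((mz, candidate[:length]))
    return found


def build_minimal_pe(overlay: bytes = b"") -> bytes:
    """Constructed test data: a minimal PE-shaped file, not a runnable binary.

    DOS header, PE signature, COFF header with an empty optional header, one
    section of 0x200 raw bytes at offset 0x200, then `overlay` appended.
    """
    e_lfanew = 0x40
    dos_header = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    # Machine=i386, 1 section, no timestamp/symbols, SizeOfOptionalHeader=0
    coff_header = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0, 0x0102)
    raw_ptr, raw_size = 0x200, 0x200
    section = (b".text\0\0\0"
               + struct.pack("<IIII", raw_size, 0x1000, raw_size, raw_ptr)
               + b"\0" * 16)
    headers = dos_header + b"PE\0\0" + coff_header + section
    headers += b"\0" * (raw_ptr - len(headers))
    return headers + b"\x90" * raw_size + overlay


if __name__ == "__main__":
    inner = build_minimal_pe()
    outer = build_minimal_pe(b"JUNK" + inner + b"TRAILER")
    start = overlay_offset(outer)
    print(f"overlay starts at 0x{start:x}, {len(outer) - start} bytes long")
    for off, blob in carve_embedded_pes(outer[start:]):
        print(f"embedded PE at overlay+0x{off:x}, {len(blob)} bytes, "
              f"identical to inner: {blob == inner}")
```

On a real sample, read the file with `open(path, "rb").read()`, pass it to `overlay_offset`, and feed the slice after that offset to `carve_embedded_pes`; a non-empty overlay is itself worth noting, since legitimate binaries rarely carry one apart from installers and signed files (an Authenticode signature lives in the overlay too).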

APT scanning tool

Tool created by Intezer, packed with YARA rules derived from the analysis of 3.5 million pieces of code shared between Russian APT samples.

https://apt-ecosystem.com/russia/detector

Intezer — mapping the connections inside Russia's APT ecosystem

https://www.intezer.com/blog-russian-apt-ecosystem/

Malware Analysis — State Of Malware by MalwareBytes

https://resources.malwarebytes.com/files/2019/01/Malwarebytes-Labs-2019-State-of-Malware-Report-2.pdf

SANS FOR610 WebCast — State Of Malware — Recorded Sept 2019

https://www.youtube.com/watch?v=u_Mbh8r7L0E

FireEye’s new tool — StringSifter (Released 08/09/2019)

https://www.fireeye.com/blog/threat-research/2019/09/open-sourcing-stringsifter.html

https://github.com/fireeye/stringsifter/blob/master/README.md

Analysing a malicious spreadsheet dropping a DLL

https://blog.nviso.be/2019/09/18/malicious-spreadsheet-dropping-a-dll/

Primer on VBA Macros — Parsing and De-obfuscation

https://newtonpaul.com/static-malware-analysis-with-ole-tools-and-cyber-chef/

Twitter: @mikecybersec
