MA-01 — Emerging Malware Analysis News/Intel

https://dribbble.com/shots/785543-IE-legacy-warning

Malware written in GoLang

GoLang based malware has been known to spike since the beginning of 2019 and poses a big threat to even experienced Malware Analysts. There are over 53 known malware families known using this language and it is very flexible. Read about it here: https://unit42.paloaltonetworks.com/the-gopher-in-the-room-analysis-of-golang-malware-in-the-wild/

Static Analysis in REMnux

Malwology wrote this article (He’s a SANS610 instructor). He covers some very good Python based tools for statically analysing PE’s, some of those that seem unconventional compared to your current arsenal of tools. He also covers a cool piece on extracting embedded Executables within the ‘Overlay’ Section of Portable Executables, using a PE carving tool in REMnux.

https://malwology.com/2016/02/09/remnux-v6-for-malware-analysis-part-2-static-file-analysis/

APT scanning tool

Tool created by Intezer packed with YARA rules following analysis of 3.5 million pieces of code, shared between the Russian APT samples.

https://apt-ecosystem.com/russia/detector

Intezer — mapping the connections inside Russias APT Ecosystem

https://www.intezer.com/blog-russian-apt-ecosystem/

Malware Analysis — State Of Malware by MalwareBytes

https://resources.malwarebytes.com/files/2019/01/Malwarebytes-Labs-2019-State-of-Malware-Report-2.pdf

SANS FOR610 WebCast — State Of Malware — Recorded Sept 2019

https://www.youtube.com/watch?v=u_Mbh8r7L0E

FireEye’s new tool — StringSifter (Released 08/09/2019)

https://www.fireeye.com/blog/threat-research/2019/09/open-sourcing-stringsifter.html

https://github.com/fireeye/stringsifter/blob/master/README.md

Analysing a malicious spreadsheet dropping a dll

https://blog.nviso.be/2019/09/18/malicious-spreadsheet-dropping-a-dll/

Primer on VBA Macros — Parsing and De-obfuscation

https://newtonpaul.com/static-malware-analysis-with-ole-tools-and-cyber-chef/

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store