MA-01 — Emerging Malware Analysis News/Intel


@mikecybersec · Aug 31 · 2 min read

https://dribbble.com/shots/785543-IE-legacy-warning

Go-based malware has been spiking since the beginning of 2019 and poses a serious challenge even to experienced malware analysts. There are over 53 known malware families using this language, and it is very flexible. Read about it here: https://unit42.paloaltonetworks.com/the-gopher-in-the-room-analysis-of-golang-malware-in-the-wild/

Malwology wrote this article (he is a SANS610 instructor). He covers some very good Python-based tools for statically analysing PEs, some of which may seem unconventional compared to your current arsenal of tools. He also covers extracting executables embedded in the overlay of Portable Executables, using a PE carving tool in REMnux.

https://malwology.com/2016/02/09/remnux-v6-for-malware-analysis-part-2-static-file-analysis/
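The overlay carving that the Malwology post describes, as an added example that is not from that post or from REMnux's own tooling: the overlay is everything after the last section's raw data, so the code walks the section table to find that boundary, then scans the overlay for candidate MZ headers and keeps only those whose e_lfanew points at a real PE signature. The `build_min_pe` helper is an assumed, constructed sample (a minimal, non-loadable PE skeleton) so the script runs offline.

```python
import struct

def overlay_offset(data: bytes) -> int:
    """Offset where the overlay starts: the end of the last section's raw data."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    num_sections, = struct.unpack_from("<H", data, e_lfanew + 6)
    opt_size, = struct.unpack_from("<H", data, e_lfanew + 20)
    sec_table = e_lfanew + 24 + opt_size
    end = sec_table + 40 * num_sections          # at minimum, the headers themselves
    for i in range(num_sections):                # SizeOfRawData / PointerToRawData sit at +16 / +20
        raw_size, raw_ptr = struct.unpack_from("<II", data, sec_table + 40 * i + 16)
        end = max(end, raw_ptr + raw_size)
    return min(end, len(data))                   # a truncated file has no overlay

def carve_overlay_pes(data: bytes) -> list[bytes]:
    """Carve every PE embedded in the overlay, validating MZ -> e_lfanew -> 'PE\\0\\0'."""
    found, pos = [], data.find(b"MZ", overlay_offset(data))
    while pos != -1:
        candidate = data[pos:]
        try:
            size = overlay_offset(candidate)     # inner PE ends where its own overlay would begin
            found.append(candidate[:size])
            pos = data.find(b"MZ", pos + size)
        except (ValueError, struct.error):       # stray "MZ" bytes that are not a PE header
            pos = data.find(b"MZ", pos + 2)
    return found

def build_min_pe(payload: bytes, overlay: bytes = b"") -> bytes:
    """Constructed sample (assumption): a minimal PE32 skeleton, one section, not loadable."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)                 # e_lfanew = 0x40
    opt = struct.pack("<H", 0x10B) + bytes(0xDE)                         # PE32 magic, 0xE0 bytes
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, len(opt), 0x102)
    section = b".text\0\0\0" + struct.pack("<IIIIIIHHI", len(payload), 0x1000,
                                           len(payload), 0x200, 0, 0, 0, 0, 0x60000020)
    headers = dos + coff + opt + section
    return headers.ljust(0x200, b"\0") + payload + overlay

if __name__ == "__main__":
    inner = build_min_pe(b"\xCC" * 16)
    outer = build_min_pe(b"\x90" * 32, overlay=b"config-blob" + inner + b"trailer")
    print(hex(overlay_offset(outer)), [len(p) for p in carve_overlay_pes(outer)])
```

Point `carve_overlay_pes` at a real dropper's bytes and write each returned buffer to disk for a second pass; nested droppers surface by re-running the same function on each carved result.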

A tool created by Intezer, packed with YARA rules derived from the analysis of 3.5 million pieces of code shared between Russian APT samples.

https://apt-ecosystem.com/russia/detector

https://www.intezer.com/blog-russian-apt-ecosystem/

https://resources.malwarebytes.com/files/2019/01/Malwarebytes-Labs-2019-State-of-Malware-Report-2.pdf

https://www.youtube.com/watch?v=u_Mbh8r7L0E

https://www.fireeye.com/blog/threat-research/2019/09/open-sourcing-stringsifter.html

https://github.com/fireeye/stringsifter/blob/master/README.md

https://blog.nviso.be/2019/09/18/malicious-spreadsheet-dropping-a-dll/

https://newtonpaul.com/static-malware-analysis-with-ole-tools-and-cyber-chef/
