Overview
Syllabus
Intro
AV Problem
Marketing Problem
Missing Criteria
Researcher's Problem
Incident Responder's Problem
Sample Identification
Locating Associated Samples
Shared Engines
Development Methods
Vendors with Usable Results
Boiling Down Results
ATT&CK & Granularity
SEH Variation
Malpedia
Malware Classification Systems
Some Hashes
Exif Metadata
Code Signing Certificate
Abused Certificates
PE Metadata
Sections
Resources
Document Metadata
Filenames
URL Structure: Download
URL Structure: C2
Mutual Exclusion (Mutex)
Registry Key
Algorithms
Infosec Finer Things
Diamond Model
Control Flow Graph Analysis
Schema: STIX
JSON for Linking Data: JSON-LD
RDF N-Quad
Graph Tools: Graph Databases
Network Graph