Overview
Syllabus
Intro
Why Do I Need A Malware Analysis Lab?
Malware Analysis Process Entry Points
Open Source Malware Analysis Tools
More Than Just Dynamic Analysis
Cuckoo Sandbox Flavors
Cuckoo Modified
Cuckoo Next Generation
What if the Malware is VM or Sandbox Aware?
Cuckoo Output
Wolf in Sheep's Clothing
Thug Output
Extracted Files
Malware Command and Control Traffic
Collected Lots of Indicators
Bro Output
What is the Volatility Framework?
Operating System Support
Volatility Output
Cuckoo, Thug, Bro Process
Volatility, Thug, Cuckoo Process
Orchestration and Automation