Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Barncat - Using MISP for Bulk Surveillance of Malware

Cooper via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Learn about using MISP (Malware Information Sharing Platform) for bulk surveillance of malware in this conference talk from the MISP Summit 2017. Explore the benefits of malware config ripping as an alternative to resource-intensive dynamic analysis. Discover the tools needed to get started and understand the potential applications of malware configurations, including sinkholing for victim notification. Examine sample data from DarkComet malware and analyze example configurations to gain deeper insights. Follow along as the speaker demonstrates how to dig deeper into malware campaigns and access the Barncat platform for enhanced threat intelligence. Gain valuable knowledge on leveraging MISP for more effective malware analysis and threat detection.

Syllabus

Barncat: Using MISP for Bulk Surveillance of Malware
Introduction • Manager of Threat Systems with Fidelis Cybersecurity
Malware Config Ripping - Dynamic analysis is good, but bin may not run correctly and is resource intensive
Your Starter Kit
What can you do with malware configs? • Sinkholing for victim notification is a possibility
Sample DarkComet Data
Example Config
What can you do with this?
Digging deeper
Dark Comet Campaign
Barncat Access

Taught by

Cooper

Reviews

Start your review of Barncat - Using MISP for Bulk Surveillance of Malware

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.