
Incident Response Training, Essential Malware Analysis- Day 21

In this series we talk about Incident Response, and it is a free training course for everyone. Today is Day-21 and we are going to cover the essential steps every Incident Responder needs to know for doing Malware Analysis.

Once you know the manual process, it is also necessary to automate the whole game, and that is where Intezer comes into play. Intezer automates security operations by simulating the complex decision-making process and threat analysis skills of experienced analysts. Integrate it with your existing workflows (EDR, SOAR, SIEM, etc.) to automate analysis and reverse engineering of potential threats, while streamlining alert triage, incident response and threat hunting.
Sign up today: https://analyze.intezer.com/

Malware Analysis is a very large topic that requires real patience, knowledge, skills and a lot more. It also takes a real amount of time if we want to go deep at the code level and read or understand what the actual assembly is doing. But in Incident Response or Security Operations, most of the time we need a few basic steps that drive the decision making and identify the next course of action for a particular incident. For example:
✅ We need to know the malware type/family.
✅ What are its static properties (hashes, headers, imports, sections)?
✅ Are there any interesting strings or IOCs hidden in the sample?
✅ How does the sample behave when it runs?
✅ What are the TTPs and the MITRE ATT&CK mapping of the malware family?
✅ Which IOCs can be quickly identified after executing the sample?

So in today's episode we will cover all of these. We will take some malware samples and walk through everything. Watch the full episode if you want to become the BOSS of your SOC!!

Related Episodes
-------------------------------------------------------------------------------------------------------------------------
1. Create your Lab: https://youtu.be/zyjwo8z3PtU
2. Malware Analysis Bootcamp: https://youtu.be/D3inDM8kM-Y

WATCH the playlists below as well, if you want to make your career in DFIR and Security Operations!!
-------------------------------------------------------------------------------------------------------------------------
INCIDENT RESPONSE TRAINING Full Course: https://youtube.com/playlist?list=PLjWEV7pmvSa4yvhzNsCjOJovOn1LLyBXB
DFIR Free Tools and Techniques: https://youtube.com/playlist?list=PLjWEV7pmvSa6f-NTpXsaUYWZLjLAB_0TS
Windows and Memory Forensics: https://youtube.com/playlist?list=PLjWEV7pmvSa50erciZUSnzvE7nK0FyvsH
Malware Analysis: https://youtube.com/playlist?list=PLjWEV7pmvSa6u32RongesgDtkfKBfrFWW
SIEM Tutorial: https://youtube.com/playlist?list=PLjWEV7pmvSa7cXTkCppnYHERUdy8Dd71x
Threat Hunt & Threat Intelligence: https://youtube.com/playlist?list=PLjWEV7pmvSa5UTZlsWp5wRnURNbeMS-fu

⌚ Timeline
-------------------------------------------------------------------------------------------------------------------------
0:00 ⏩ Introduction
1:22 ⏩ Static Analysis: pestudio
6:21 ⏩ Static Analysis: floss
8:58 ⏩ Static Analysis: capa
10:34 ⏩ Dynamic Analysis
18:13 ⏩ Automation using Intezer
21:17 ⏩ Detect & Hunt using Intezer
23:19 ⏩ Scan a suspected machine with Intezer
27:17 ⏩ Integration with EDR, SOAR, SIEM
31:03 ⏩ Summary

FOLLOW ME EVERYWHERE
-------------------------------------------------------------------------------------------------------------------------
✔ LinkedIn: https://www.linkedin.com/company/blackperl
✔ You can reach out to me personally on LinkedIn as well: https://bit.ly/38ze4L5
✔ Twitter: @blackperl_dfir
✔ Git: https://github.com/archanchoudhury
✔ Insta: https://www.instagram.com/blackperl_dfir/
✔ Can be reached via archan.fiem.it@gmail.com

SUPPORT BLACKPERL
-------------------------------------------------------------------------------------------------------------------------
╔═╦╗╔╦╗╔═╦═╦╦╦╦╗╔═╗
║╚╣║║║╚╣╚╣╔╣╔╣║╚╣═╣
╠╗║╚╝║║╠╗║╚╣║║║║║═╣
╚═╩══╩═╩═╩═╩╝╚╩═╩═╝
➡️ SUBSCRIBE, Share, Like, Comment
☕ Buy me a Coffee: https://www.buymeacoffee.com/BlackPerl
Sponsorship Inquiries: archan.fiem.it@gmail.com
-------------------------------------------------------------------------------------------------------------------------
Thanks for watching!! Be CyberAware!!
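The static part of the checklist above (static properties, interesting strings, quickly identifiable IOCs) is what pestudio and FLOSS give you in the episode; the script below is an added example of automating that first pass, not BlackPerl's code and not Intezer's. It uses only the Python standard library (no pefile), parses just enough of the PE headers to report machine, compile time, DLL flag and per-section entropy, pulls ASCII and UTF-16LE strings, and runs a few IOC regexes. The sample it analyses is constructed in memory (valid MZ/PE headers, three sections, a seeded pseudo-random `.data` section to imitate a packed blob, no real code), and the API watch-list and IOC patterns are illustrative assumptions, not a standard.

```python
"""Stdlib-only static triage of a suspected Windows PE sample.

Added example (not BlackPerl's or Intezer's code). The API watch-list and
IOC regexes are illustrative assumptions; extend them for real use.
"""
import hashlib
import math
import random
import re
import struct
from collections import Counter
from datetime import datetime, timezone

MACHINES = {0x14C: "x86", 0x8664: "x64", 0x1C0: "ARM", 0xAA64: "ARM64"}
SUSPICIOUS_APIS = {"VirtualAlloc", "WriteProcessMemory", "CreateRemoteThread",
                   "URLDownloadToFileA", "WinExec", "IsDebuggerPresent"}
IOC_PATTERNS = {
    "ipv4": re.compile(rb"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "url": re.compile(rb"https?://[\w\-.]+(?::\d+)?(?:/[\w\-./%?=&]*)?"),
    "registry": re.compile(rb"(?:HKLM|HKCU|HKEY_[A-Z_]+)\\[\w\\ ]+"),
}


def build_fake_pe() -> bytes:
    """Constructed sample: valid MZ/PE headers, three sections, no real code.
    .data is seeded pseudo-random bytes to imitate a packed/encrypted blob."""
    text = (b"\x55\x8b\xec\x83\xec\x10" * 85).ljust(0x200, b"\0")
    rdata = (b"kernel32.dll\0VirtualAlloc\0WriteProcessMemory\0CreateRemoteThread\0"
             b"IsDebuggerPresent\0http://203.0.113.45/update/bot.bin\0"
             b"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\0\0"
             + "C:\\Users\\Public\\svch0st.exe".encode("utf-16-le") + b"\0\0").ljust(0x200, b"\0")
    rng = random.Random(7)
    data = bytes(rng.getrandbits(8) for _ in range(0x400))
    sections = [(b".text", text, 0x60000020), (b".rdata", rdata, 0x40000040),
                (b".data", data, 0xC0000040)]

    e_lfanew, raw_start = 0x40, 0x200
    hdr = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", e_lfanew) + b"PE\0\0"
    # COFF header: Machine, NumberOfSections, TimeDateStamp, SymTab ptr, NumSyms,
    # SizeOfOptionalHeader (0 here for brevity), Characteristics (EXE, 32-bit).
    hdr += struct.pack("<HHIIIHH", 0x14C, len(sections), 1700000000, 0, 0, 0, 0x0102)
    body, raw_ptr, va = b"", raw_start, 0x1000
    for name, raw, flags in sections:
        hdr += struct.pack("<8sIIIIIIHHI", name, len(raw), va, len(raw), raw_ptr, 0, 0, 0, 0, flags)
        body += raw
        raw_ptr += len(raw)
        va += 0x1000
    return hdr.ljust(raw_start, b"\0") + body


def shannon_entropy(buf: bytes) -> float:
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values()) if n else 0.0


def parse_pe(data: bytes) -> dict:
    """Parse just enough of the PE headers for triage: machine, compile time,
    DLL flag and per-section entropy (high entropy hints at packing/encryption)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    machine, nsec, ts, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    sec_off = e_lfanew + 4 + 20 + opt_size
    sections = []
    for i in range(nsec):
        name, _, _, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, sec_off + 40 * i)
        raw = data[raw_ptr:raw_ptr + raw_size]
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "raw_size": raw_size, "entropy": round(shannon_entropy(raw), 2)})
    return {"machine": MACHINES.get(machine, hex(machine)),
            "compile_time": datetime.fromtimestamp(ts, timezone.utc).isoformat(),
            "is_dll": bool(chars & 0x2000), "sections": sections}


def extract_strings(data: bytes, min_len: int = 5) -> list:
    """ASCII and UTF-16LE strings, roughly what `strings` or FLOSS static mode yields."""
    ascii_re = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    wide_re = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    out = [m.group().decode("ascii") for m in ascii_re.finditer(data)]
    out += [m.group().decode("utf-16-le") for m in wide_re.finditer(data)]
    return out


def triage(data: bytes) -> dict:
    pe = parse_pe(data)
    strings = extract_strings(data)
    return {
        "hashes": {a: hashlib.new(a, data).hexdigest() for a in ("md5", "sha1", "sha256")},
        "pe": pe,
        "high_entropy_sections": [s["name"] for s in pe["sections"] if s["entropy"] > 7.0],
        # Shortcut: API names are matched in the string pool, not parsed from the import directory.
        "suspicious_apis": sorted(s for s in strings if s in SUSPICIOUS_APIS),
        "paths": [s for s in strings if re.match(r"[A-Za-z]:\\", s)],
        "iocs": {k: sorted({m.group().decode("ascii", "replace") for m in p.finditer(data)})
                 for k, p in IOC_PATTERNS.items()},
    }


if __name__ == "__main__":
    import json
    print(json.dumps(triage(build_fake_pe()), indent=2))
```

Run it as-is to see the report for the constructed sample, or call `triage(open("sample.bin", "rb").read())` on a real file inside your lab VM. The entropy flag on `.data` is the same signal pestudio surfaces for packed sections; the string pool is what FLOSS starts from before it goes after stack and obfuscated strings; and the registry Run key plus the hard-coded download URL are the kind of IOCs that go straight into the hunt. Treat the output as triage, not verdict: a matched API name in the string pool is a hint, not proof that the import is used.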

12+
16 views
2 years ago

