
Showing posts from July, 2017

Five awesome tools to perform behavioural analysis of a malware

Introduction

This post explains five awesome tools for performing behavioural analysis of malware. They are really handy for a quick behavioural analysis to understand the characteristics of a malware specimen. The main objective of behavioural analysis is to pull out indicators of compromise (IOCs) in order to detect and defend proactively.

Tools

Process Hacker (http://processhacker.sourceforge.net/)
Process Monitor (ProcMon) (https://technet.microsoft.com/en-us/sysinternals/processmonitor.aspx)
CaptureBat (https://www.honeynet.org/node/315)
Microsoft Network Monitor (https://blogs.technet.microsoft.com/netmon/p/downloads/)
Autoruns (https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)

Disclaimer

You are dealing with real malware samples.
Don't expose them to internal networks or the internet.
Analyze them in a controlled environment (sandbox).
We are not responsible for any consequences or damage if you fail to obey these rules.

Analysis

A win
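The post says the goal of behavioural analysis is to pull IOCs out of what the tools record. The following is an added example, not code from the original post or from any of the listed tools: a small Python script that reads a Process Monitor CSV export (File > Save... > CSV, whose columns are "Time of Day", "Process Name", "PID", "Operation", "Path", "Result", "Detail") and pulls out the IOC classes an analyst usually wants: files written, Run-key persistence, outbound network endpoints and child processes. The event lines embedded below are constructed for illustration; the sample name "sample.exe", the PIDs, paths and the 203.0.113.10 address are all made up.

```python
import csv
import io

# Constructed sample events in the shape of a ProcMon CSV export.
# Not a real capture: process names, PIDs, paths and addresses are invented.
SAMPLE_CSV = """\
"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1","sample.exe","1234","CreateFile","C:\\Users\\lab\\AppData\\Roaming\\svchost.exe","SUCCESS","Desired Access: Generic Write"
"10:01:02.2","sample.exe","1234","WriteFile","C:\\Users\\lab\\AppData\\Roaming\\svchost.exe","SUCCESS","Offset: 0, Length: 4096"
"10:01:02.3","sample.exe","1234","RegSetValue","HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater","SUCCESS","Type: REG_SZ, Data: C:\\Users\\lab\\AppData\\Roaming\\svchost.exe"
"10:01:03.0","sample.exe","1234","TCP Connect","lab-pc:49712 -> 203.0.113.10:8080","SUCCESS","Length: 0"
"10:01:03.1","sample.exe","1234","RegQueryValue","HKLM\\SYSTEM\\CurrentControlSet\\Services\\VBoxGuest\\Start","NAME NOT FOUND",""
"10:01:04.0","explorer.exe","900","CreateFile","C:\\Windows\\explorer.exe","SUCCESS","Desired Access: Read"
"10:01:05.0","svchost.exe","2222","Process Start","","SUCCESS","Parent PID: 1234, Command line: C:\\Users\\lab\\AppData\\Roaming\\svchost.exe"
"""

# Registry locations that commonly carry persistence (assumed list, extend as needed).
PERSISTENCE_KEYS = (
    "\\currentversion\\run",
    "\\currentversion\\runonce",
    "\\currentcontrolset\\services\\",
)


def _parent_pid(detail):
    """Pull 'Parent PID: N' out of a ProcMon 'Process Start' Detail field."""
    for part in detail.split(","):
        key, _, value = part.strip().partition(":")
        if key.strip() == "Parent PID":
            return value.strip()
    return None


def extract_iocs(csv_text, process_name):
    """Return IOCs attributed to process_name and any process it spawns.

    Events are processed in capture order so a child's 'Process Start'
    is seen before the child's own file/registry/network activity.
    """
    iocs = {
        "files_written": set(),
        "registry_persistence": set(),
        "network": set(),
        "child_processes": set(),
    }
    rows = list(csv.DictReader(io.StringIO(csv_text)))
    # PIDs we attribute to the specimen: the sample itself plus its children.
    pids = {r["PID"] for r in rows if r["Process Name"].lower() == process_name.lower()}

    for r in rows:
        if r["Result"] != "SUCCESS":
            continue  # failed probes (e.g. NAME NOT FOUND) are noise for IOC purposes
        op, path = r["Operation"], r["Path"]
        if op == "Process Start" and _parent_pid(r["Detail"]) in pids:
            pids.add(r["PID"])  # follow dropped/spawned children
            iocs["child_processes"].add(r["Process Name"])
            continue
        if r["PID"] not in pids:
            continue  # activity of unrelated processes (explorer.exe etc.)
        if op == "WriteFile":
            iocs["files_written"].add(path)
        elif op == "RegSetValue" and any(k in path.lower() for k in PERSISTENCE_KEYS):
            iocs["registry_persistence"].add(path)
        elif op in ("TCP Connect", "UDP Send") and "->" in path:
            # ProcMon network paths read "src:port -> dst:port"; keep the remote side.
            iocs["network"].add(path.split("->", 1)[1].strip())

    return {k: sorted(v) for k, v in iocs.items()}


if __name__ == "__main__":
    for kind, values in extract_iocs(SAMPLE_CSV, "sample.exe").items():
        print(kind, values)
```

Filtering on Result == SUCCESS and following Parent PID are the two checks that matter in practice: a sample's failed registry probes (often sandbox or VM detection) are useful context but not IOCs, and a dropper's real behaviour is frequently in the process it spawns rather than in the parent. Run the same script against a real export with the specimen's process name to get a first-pass IOC list to cross-check against Autoruns and the network capture.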