In the case of an advanced or targeted cyber attack, there is often a need to analyze the malicious code found during incident response.
The aims of malware analysis are:
- Identify the type of malware
- Identify whether the malware is custom-crafted or run-of-the-mill
- Extract the malware configuration, if possible
- Identify malware functionalities
- Attribute the malicious code to a threat actor or campaign
- Identify options to disrupt the malware process (relevant in the case of advanced malware with advanced defense mechanisms, which can’t be detected or removed by commercial EDRs or AV)
- Create special-purpose “malware antibodies” in case standard EDRs or antimalware are unable to detect or react to the malware
Why IstroSec?
Our malware analysts have multiple years of experience in analyzing malware. They have delivered numerous trainings, created community open-source tools, published a multitude of whitepapers and always keep up with recent developments in the security community.