Supporting Malware Analysis at Scale

When analyzing a huge number of malware samples, one wants to receive extracted malware configurations in a well-defined, predictable, industry-standard format that can be easily integrated into a security system.

After researching an abundance of options, this report settled on the output format defined by the US Defense Cyber Crime Center's MWCP project.

View this guide to delve deeper into the following:

  • Why malware developers hide valuable configuration data behind layers of obfuscation and evasion;
  • Filtering out useless sandbox artifacts, leaving only a list of the IOCs that matter;
  • Exploring the use of multiple sandbox projects with community support.
