Chapter 3. Analyzing the Output of Cuckoo Sandbox

In this chapter, we will discuss how to read the analysis output that was explained in the previous chapter. We will also discuss the APT1 attack (I think you must be familiar with the term APT1, which has recently been discussed quite often). If you have never heard of it, you should read the Advanced Persistent Threat (APT) and Insider Threat blog post at http://cyber-defense.sans.org/blog/2012/10/23/advanced-persistent-threat-apt-and-insider-threat. One of the discussions about APT was written by Mandiant, an IT security research company. The released paper was a shocking report about the APT1 attacks. In this report, Mandiant explained a number of sophisticated malware samples that were being ...
