Chapter 4: A Word on Automated Sandboxing

In the last chapter, we discussed utilizing PowerShell to automate some of the common tasks for incident response and triage related to malware. As we learned, utilizing scripting can greatly assist an analyst in collecting pertinent information and making informed decisions quickly.

In this chapter, we'll take those ideas one step further, and examine some of the common fully automated, public, or private malware analysis frameworks that are available to us as analysts and that may speed up our triage even further – without even committing time to scripting for each incident.

We'll examine the IOCs we can collect with a known sample of malware, and then present a challenge at the end of the chapter ...

Get Malware Analysis Techniques now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Malware Analysis Techniques by Dylan Barker

Chapter 4: A Word on Automated Sandboxing

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly