Malware Analysis - Accelerating Analysis When It Matters

July 24, 2024, 5:16 p.m.

Description

This report provides information on how security professionals can expedite the analysis of multiple malware samples. By utilizing automated techniques, such as malware configuration parsing, analysts can quickly determine malware families, extract network indicators, and enhance detection and response capabilities. The report highlights a case study where this approach was applied to a set of samples related to cyberattacks targeting Ukrainian entities, facilitating a rapid and effective response.

Date

Published: July 24, 2024, 4:57 p.m.
Created: July 24, 2024, 4:57 p.m.
Modified: July 24, 2024, 5:16 p.m.

Indicators


Attack Patterns

Vidar Stealer

Remcos RAT

Lumma Stealer

Redline Stealer

Quasar RAT

T1559.001

T1059.007

T1071.001

T1489

T1486

T1105

T1219