[SANS ISC] Malware Triage with FLOSS: API Calls Based Behavior

I published the following diary on isc.sans.edu: “Malware Triage with FLOSS: API Calls Based Behavior”:

Malware triage is a key component of your hunting process. When you collect suspicious files from multiple sources, you need a tool that processes them automatically and extracts the useful information. To achieve this, I’m using FAME, which stands for “FAME Automates Malware Evaluation”. This framework is very nice thanks to its plugin-based architecture: you enable only the plugins you need. Here is an overview of my configuration… [Read more]
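The diary’s title refers to deriving a sample’s likely behaviour from the Windows API names found among its strings. The script below is an added illustration of that idea, written for this post; it is not code from the diary, from FAME or from FLOSS. It assumes the strings have already been extracted (for example by FLOSS) and are handed over as a Python list; the behaviour map and the sample strings are constructed for the example, and the URL in them is a placeholder.

```python
"""Added example: map Windows API names found in extracted strings to behaviours.

Not code from the SANS diary, FAME or FLOSS. Input is assumed to be a list of
strings already extracted from the sample (e.g. FLOSS output). The behaviour
map and the sample strings below are constructed for illustration only.
"""
import re
from collections import defaultdict

# Hypothetical API -> behaviour map (constructed; extend it for your own triage).
API_BEHAVIOURS = {
    "VirtualAllocEx": "process injection",
    "WriteProcessMemory": "process injection",
    "CreateRemoteThread": "process injection",
    "InternetOpenA": "network",
    "InternetOpenUrlA": "network",
    "URLDownloadToFileA": "network",
    "RegSetValueExA": "persistence",
    "CreateServiceA": "persistence",
    "IsDebuggerPresent": "anti-analysis",
    "CryptEncrypt": "crypto",
}

# Constructed FLOSS-style output: a mix of static, stack and decoded strings.
SAMPLE_STRINGS = [
    "kernel32.dll",
    "VirtualAllocEx",
    "WriteProcessMemory",
    "CreateRemoteThread",
    "http://example.invalid/update.bin",  # placeholder URL, not a real IoC
    "URLDownloadToFileA",
    "IsDebuggerPresent",
    "Software\\Microsoft\\Windows\\CurrentVersion\\Run",
    "RegSetValueExA",
    "This program cannot be run in DOS mode.",
]

# Tokenise on identifier-like runs so an API name embedded in a longer string
# (an error message, a format string) is still picked up.
_TOKEN = re.compile(r"[A-Za-z][A-Za-z0-9]+")


def find_api_calls(strings):
    """Return the set of known API names present in the extracted strings.

    Matching is deliberately case-sensitive: Win32 export names are.
    """
    found = set()
    for s in strings:
        for token in _TOKEN.findall(s):
            if token in API_BEHAVIOURS:
                found.add(token)
    return found


def summarize_behaviour(strings):
    """Group matched API names by behaviour: {category: sorted list of APIs}."""
    by_category = defaultdict(list)
    for api in find_api_calls(strings):
        by_category[API_BEHAVIOURS[api]].append(api)
    return {cat: sorted(apis) for cat, apis in by_category.items()}


def triage_verdict(strings, threshold=2):
    """Crude prioritisation: 'review' when at least `threshold` distinct
    behaviour categories are present, otherwise 'low'. Only a hint for the
    analyst; imported names alone do not prove the code path is reached."""
    categories = summarize_behaviour(strings)
    return "review" if len(categories) >= threshold else "low"


if __name__ == "__main__":
    for category, apis in sorted(summarize_behaviour(SAMPLE_STRINGS).items()):
        print(f"{category:18s} {', '.join(apis)}")
    print("verdict:", triage_verdict(SAMPLE_STRINGS))
```

On the constructed sample this reports four categories (process injection, network, persistence, anti-analysis) and a “review” verdict. The obvious caveat is that string presence is a triage signal, not proof of behaviour: packed samples hide their imports until runtime, and benign software uses many of these APIs too, which is why the map and the threshold are meant to be tuned to your own collection.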
