Another day, another challenge…
In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading up to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.
In our twelfth challenge, Forensics McBlue confirmed that the malicious document spawned a suspicious binary. Forensics McBlue’s job is now to analyze that binary further through malware analysis.
The topics explored in this challenge are malware analysis, why it’s important, and how it should be done in a safe environment such as a sandbox; the behavioural indicators used to determine whether malware is present, such as new network connections, registry key modifications, and file manipulations; and two tools, Detect It Easy (DIE) and CAPA.
Can Forensics McBlue determine whether the suspicious file is malware? Find out below!
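To make the three indicator categories above concrete, here is an added example (not part of the TryHackMe room or this post) that triages a small, constructed sandbox behaviour log. The log format (`<pid> <category> <operation> <detail>`) and the sample lines are assumptions for illustration, not output from any real sandbox; the checks it applies are the ones the room names: an outbound connection to a host outside RFC 1918 space, a write to a `CurrentVersion\Run` key, and an executable dropped outside the Windows and Program Files directories.

```python
"""Triage constructed sandbox behaviour events into the indicator categories
the post names: network connections, registry modifications, file writes.
Added example with an assumed log format; not real sandbox output."""
import ipaddress
import re
from collections import defaultdict

# Constructed sample log (assumed format "<pid> <category> <operation> <detail>").
SAMPLE_EVENTS = """\
4120 NET connect 198.51.100.23:4444
4120 REG set HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\updater = C:\\Users\\Public\\svc.exe
4120 FILE write C:\\Users\\Public\\svc.exe
4120 FILE write C:\\Users\\elf\\AppData\\Local\\Temp\\tmp1.dat
4120 NET connect 192.168.1.10:445
1200 FILE read C:\\Windows\\System32\\kernel32.dll
"""

EVENT_RE = re.compile(
    r"^(?P<pid>\d+)\s+(?P<cat>NET|REG|FILE)\s+(?P<op>\S+)\s+(?P<detail>.+)$"
)
# Autostart locations an analyst would check for persistence.
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
# Directories where a freshly written .exe is less surprising (lower-cased for comparison).
TRUSTED_DIRS = ("c:\\windows\\", "c:\\program files")
# Networks considered internal; anything else is treated as an external contact.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def parse_events(text):
    """Return one dict per well-formed event line; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        m = EVENT_RE.match(line.strip())
        if m:
            events.append(m.groupdict())
    return events


def is_internal(endpoint):
    """True if the 'host:port' endpoint points at an internal (RFC 1918/loopback) address."""
    host = endpoint.rsplit(":", 1)[0]
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False  # a hostname rather than an IP: treat as external for triage
    return any(addr in net for net in INTERNAL_NETS)


def triage(text):
    """Map each pid to the list of behavioural findings raised against it."""
    findings = defaultdict(list)
    for ev in parse_events(text):
        pid, cat, op, detail = ev["pid"], ev["cat"], ev["op"], ev["detail"]
        if cat == "NET" and op == "connect" and not is_internal(detail):
            findings[pid].append(f"outbound connection to external host {detail}")
        elif cat == "REG" and op == "set" and RUN_KEY_RE.search(detail):
            findings[pid].append(f"persistence via Run key: {detail}")
        elif cat == "FILE" and op == "write":
            path = detail.lower()
            if path.endswith(".exe") and not path.startswith(TRUSTED_DIRS):
                findings[pid].append(f"executable dropped outside system dirs: {detail}")
    return dict(findings)


if __name__ == "__main__":
    for pid, items in triage(SAMPLE_EVENTS).items():
        print(f"pid {pid}:")
        for item in items:
            print(f"  - {item}")
```

Running the script flags only pid 4120, with one finding in each category; the read of `kernel32.dll` by pid 1200 and the SMB connection to an internal host raise nothing. The thresholds here are deliberately simple; in practice an analyst would combine this behavioural view with the static signals DIE and CAPA provide before calling a sample malicious.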
If you enjoy my content, buy me a coffee. Link: http://buymeacoffee.com/thefluffy007