Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
In this module, we will take a closer look at basic network dynamic analysis. In the real World, most malware generally has some kind of network presence. We'll begin with Indicators of Compromise (IOC's) such as file hashes, domain names, network traffic, strings, registry keys, files names, file paths, process names, URLs and IP addresses. We'll also cover how to use OpenIOC and segregate some indicators. Note that singularly any indicator may not be useful but when combined with other indicators, it is critical in dynamic analysis. You'll also learn about Yara that is used for identifying indicators. We'll also walkthrough three websites that'll help you understand these concepts better. These include: www.github.com, www.malware-analyzer.com and www.opensecuritytraining.info.