: Documentation of how the malware attempts to bypass Personal Firewalls (PFW) or Host Intrusion Prevention Systems (HIPS).
: Analysis of "hooks" in registry keys or values designed to protect autostart capabilities for the malware. ColonelYobo_2022_Nov-Dec.zip
: Examining the binary or script without execution to find strings, headers, and potential packed signatures (e.g., UPX). : Documentation of how the malware attempts to
A writeup story for “The truth of Plain” | by Kulkan Security | Medium and potential packed signatures (e.g.
: Utilizing memory dump analysis to detect obfuscated malware that may not leave traces on the physical disk.
: Use of tools like malheur for unsupervised machine learning analysis, focusing on "prototypes" to classify malware behavior. Common Analysis Techniques Used