Got Malware? Understanding malware is the key to fighting it.
Sandboxing, a form of dynamic analysis, allows an organisation to quickly triage malware by automatically detonating bad/unknown files in a safe, dedicated environment and reporting all behaviour observed during execution. This data produces actionable intelligence which can be used to detect and prevent further infections.
Malware analysis can be conducted for a number of different reasons:
- To identify the intruder or insider responsible for installing the malware.
- To assess damage from an intrusion.
- To discover and act on indicators of compromise (IOCs), which reveal and allow alerting on other machines that may have been compromised by the same malware.
- To determine the level of sophistication of the malware.