Course Hive
Search

Welcome

Sign in or create your account

Continue with Google
or
Incident Response Training Course, Malicious Document Analysis, Day 15
Play lesson

BlackPerl DFIR || INCIDENT RESPONSE TRAINING || Full Course - Incident Response Training Course, Malicious Document Analysis, Day 15

5.0 (0)
14 learners

What you'll learn

This course includes

  • 13.5 hours of video
  • Certificate of completion
  • Access on mobile and TV

Summary

Keywords

Full Transcript

In this full series we will talk about Incident Response and it will be a Free Training Course for everyone. Today is Day-15 and I will show you how can you analyze a malicious document file which might come to you via any incident/report or by any means. If you are upladoing them for a analysis in VirusTotal/JoeSandbox or any online Sandbox tool, that's a BIG NO! You have to learn the skills to analyze these files manually inhouse. You can create automation workflow out of it, but that should be done inhouse. So, in this episode, I will show you from scratch how can you analyze one such document to identify what are the static properties of it, how can you easily extract IOCs/IOAs to take immediate action and how can you even understand what are the probable TTPs of that document, if any macro is hidden on it or not. As a prerequisite you MUST be prepared with your Lab set-up now which I have explained here- https://youtu.be/zyjwo8z3PtU So get ready with your Lab and follow along with me if you want to make your hands dirty doing this analysis. You can download any such malicious samples from Online Sandboxes for practice. WATCH BELOW Playlists as well, if you want to make your career in DFIR and Security Operations!! ------------------------------------------------------------------------------------------------------------------------- INCIDENT RESPONSE TRAINING Full Course 👉https://youtube.com/playlist?list=PLjWEV7pmvSa4yvhzNsCjOJovOn1LLyBXB DFIR Free Tools and Techniques 👉 https://youtube.com/playlist?list=PLjWEV7pmvSa6f-NTpXsaUYWZLjLAB_0TS Windows and Memory Forensics 👉 https://youtube.com/playlist?list=PLjWEV7pmvSa50erciZUSnzvE7nK0FyvsH Malware Analysis 👉 https://youtube.com/playlist?list=PLjWEV7pmvSa6u32RongesgDtkfKBfrFWW SIEM Tutorial 👉 https://youtube.com/playlist?list=PLjWEV7pmvSa7cXTkCppnYHERUdy8Dd71x Threat Hunt & Threat Intelligence 👉 https://youtube.com/playlist?list=PLjWEV7pmvSa5UTZlsWp5wRnURNbeMS-fu ⌚ Timelines ------------------------------------------------------------------------------------------------------------------------- 0:00 ⏩ Introduction 1:09 ⏩ Identify static properties 3:46 ⏩ Load the file in VM 10:36 ⏩ Decode PowerShell Code 16:01 ⏩ Any other IOC? 19:09 ⏩ Summarize 📞đŸ“Č FOLLOW ME EVERYWHERE- ------------------------------------------------------------------------------------------------------------------------- ✔ LinkedIn: https://www.linkedin.com/company/blackperl ✔ You can reach out to me personally in LinkedIn as well- https://bit.ly/38ze4L5 ✔ Twitter: @blackperl_dfir ✔ Git: https://github.com/archanchoudhury ✔ Insta: (blackperl_dfir)https://www.instagram.com/blackperl_dfir/ ✔ Can be reached via [email protected] SUPPORT BLACKPERL ------------------------------------------------------------------------------------------------------------------------- ╔═╩╗╔╩╗╔═╩═╩╩╩╩╗╔═╗ ║╚╣║║║╚╣╚╣╔╣╔╣║╚╣═╣ ╠╗║╚╝║║╠╗║╚╣║║║║║═╣ ╚═╩══╩═╩═╩═╩╝╚╩═╩═╝ âžĄïž SUBSCRIBE, Share, Like, Comment ☕ Buy me a Coffee 👉 https://www.buymeacoffee.com/BlackPerl 📧 Sponsorship Inquiries: [email protected] ------------------------------------------------------------------------------------------------------------------------- 🙏 Thanks for watching!! Be CyberAware!! đŸ€ž

Course Hive

Continue this lesson in the app

Install CourseHive on Android or iOS to keep learning while you move.

Related Courses

FAQs

Course Hive
Download CourseHive
Keep learning anywhere