From 32c049867436bb0fc2cbf7a81f5214222f52362f Mon Sep 17 00:00:00 2001 From: BitwiseOperator Date: Fri, 7 Jun 2024 01:08:57 -0400 Subject: [PATCH] content-update --- .../Practical_Malware_Analysis_and_Triage.md | 35 ++++++++----------- ...cal_Malware_Analysis_and_Triage_Summary.md | 8 +---- 2 files changed, 16 insertions(+), 27 deletions(-) diff --git a/docs/Knowledge_Base/Cyber_Journey/TCM_Security/Practical_Malware_Analysis_and_Triage.md b/docs/Knowledge_Base/Cyber_Journey/TCM_Security/Practical_Malware_Analysis_and_Triage.md index 9e8930b41..f41372557 100644 --- a/docs/Knowledge_Base/Cyber_Journey/TCM_Security/Practical_Malware_Analysis_and_Triage.md +++ b/docs/Knowledge_Base/Cyber_Journey/TCM_Security/Practical_Malware_Analysis_and_Triage.md @@ -2652,7 +2652,7 @@ **How Does C# Code Get Compiled and Executed?** - ![alt text](PMA-img-s98nsxz-0.png) + ![alt text](/Knowledge_Base/images/PMA-img-s98nsxz-0.png) - **Compiling C# Code** - Once the code is written, it needs to be compiled into MSIL code using the C# compiler. @@ -3063,15 +3063,6 @@ I will not fault anyone for not wanting to provide a business email for this purpose. Feel free to skip the practical portion of this section and simply watch the video. Alternatively, another sandbox site called [Hatching Triage](https://tria.ge) offers free personal use accounts and does not require a business email. I love Triage and use them for my personal and professional research and recommend their services for this purpose. Please note that their account creation process does take some time due to their verification process. - - - - - - - - - ??? info "ChatGPT Script Analysis" #### Advanced Script Analysis with ChatGPT @@ -3092,13 +3083,6 @@ [YARA Documentation](https://yara.readthedocs.io/en/stable/) - - - - - - - ??? info "Detection with YARA" #### Detecting Malware with YARA @@ -3110,17 +3094,28 @@ YARA is now invoked with the command `yara64` in the newer version of FLARE-VM. If you can't run YARA by running `yara32`, try `yara64` instead! + ??? info "Writing & Publishing Analysis Report" + + #### Writing & Publishing a Malware Analysis Report + + [Report Template](https://github.com/HuskyHacks/PMAT-labs/blob/main/labs/5-3.ReportWriting/ReportTemplate.docx) + ![alt text](/Knowledge_Base/images/PMA-apo-87tS-0.png) + ![alt text](/Knowledge_Base/images/PMA-apo-87tS-1.png) - ??? info "Writing & Publishing Analysis Report" + ![alt text](/Knowledge_Base/images/PMA-apo-87tS-2.png) - #### Writing & Publishing a Malware Analysis Report + ![alt text](/Knowledge_Base/images/PMA-apo-87tS-3.png) - [Report Template](https://github.com/HuskyHacks/PMAT-labs/blob/main/labs/5-3.ReportWriting/ReportTemplate.docx) + ![alt text](/Knowledge_Base/images/PMA-apo-87tS-4.png) + + ![alt text](/Knowledge_Base/images/PMA-apo-87tS-5.png) + ![alt text](/Knowledge_Base/images/PMA-apo-87tS-6.png) + ![alt text](/Knowledge_Base/images/PMA-apo-87tS-7.png) --- diff --git a/docs/Knowledge_Base/Cyber_Journey/TCM_Security/Practical_Malware_Analysis_and_Triage_Summary.md b/docs/Knowledge_Base/Cyber_Journey/TCM_Security/Practical_Malware_Analysis_and_Triage_Summary.md index 552b13b12..af31320d8 100644 --- a/docs/Knowledge_Base/Cyber_Journey/TCM_Security/Practical_Malware_Analysis_and_Triage_Summary.md +++ b/docs/Knowledge_Base/Cyber_Journey/TCM_Security/Practical_Malware_Analysis_and_Triage_Summary.md @@ -1219,7 +1219,7 @@ **How Does C# Code Get Compiled and Executed?** - ![alt text](PMA-img-s98nsxz-0.png) + ![alt text](/Knowledge_Base/images/PMA-img-s98nsxz-0.png) - **Compiling C# Code** - Once the code is written, it needs to be compiled into MSIL code using the C# compiler. @@ -1662,12 +1662,6 @@ - [InQuest/awesome-yara](https://github.com/InQuest/awesome-yara) - - - - - - ??? info "Detection with YARA" #### Detecting Malware with YARA