Last updated: 2021-07-23 16:02:24
Cover
Copyright Information
Credits
About the Authors
Acknowledgement
About the Reviewers
www.PacktPub.com
Preface
Chapter 1. Getting Started with Automated Malware Analysis using Cuckoo Sandbox
Malware analysis methodologies
Basic theory in Sandboxing
Malware analysis lab
Cuckoo Sandbox
Installing Cuckoo Sandbox
Summary
Chapter 2. Using Cuckoo Sandbox to Analyze a Sample Malware
Starting Cuckoo
Submitting malware samples to Cuckoo Sandbox
Submitting a malware Word document
Submitting a malware PDF document – aleppo_plan_cercs.pdf
Submitting a malware Excel document……
Submitting a malicious URL – http://youtibe.com
Submitting a malicious URL – http://ziti.cndesign.com/biaozi/fdc/page_07.htm
Submitting a binary file – Sality.G.exe
Memory forensic using Cuckoo Sandbox – using memory dump features
Additional memory forensic using Volatility
Chapter 3. Analyzing the Output of Cuckoo Sandbox
The processing module
Analyzing an APT attack using Cuckoo Sandbox Volatility and Yara
Chapter 4. Reporting with Cuckoo Sandbox
Creating a built-in report in HTML format
Creating a MAEC Report
Exporting data report analysis from Cuckoo to another format
Chapter 5. Tips and Tricks for Cuckoo Sandbox
Hardening Cuckoo Sandbox against VM detection
Cuckooforcanari – integrating Cuckoo Sandbox with the Maltego project
Automating e-mail attachments with Cuckoo MX
Index