Malware Triage: Malscripts Are The New Exploit Kit
From BruCON 2017
(Created page with "Malware triage is an important function in any mature incident response program; the process of quickly analyzing potentially malicious files or URLs to determine if your orga...")
Revision as of 21:57, 1 July 2017
In this workshop you will work through the triage of a live malscript sample. During this process you will identify and extract malscripts from Office documents, manually deobfuscate the malscripts, circumvent anti-analysis techniques, and finally determine the purpose of the scripts and payload in order to develop countermeasures. The focus of this process will be the intersection between the techniques used to analyze malscripts and the larger incident response process.