SEC504: Hacker Tools, Techniques, and Incident Handling

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsSpear-phishing emails were sent to a political figure at my place of residence. An email together with the attached sample was provided for forensics analysis. It appears to be an Advanced Persistent Threat type malware. By performing behavioral and code analysis in an alternatively way, most of its important functions were identified. The aim of this technical paper is to illustrate the detailed procedures of how this malware was dissected.