There are two types of cyberattacks: opportunistic and targeted ones. In the first case, victims usually don't pay attention to who is behind the attack. In the second case, however, it can be interesting to find "data" that identifies the threat actor and puts some context around the attack. If, at first glance, malware analysis seems to rest on very deep technical analysis, there is in fact a multitude of artefacts that are easy to extract and have great value. Attackers also behave like all humans and make errors that often disclose juicy details.
Open Source Intelligence plays a critical role in malware analysis, especially in understanding the broader context of the attack, enriching findings, and speeding up attribution. In this talk, we will cover many examples of useful information found in malware samples, how to access it and how to enrich it. I promise, no assembly!