For this lab, I’ve provided a few samples to meet the objective. I leave the choice to you in deciding
which sample to utilize. Although you are free to pick a single sample, you may also analyze more than
one.
Objective/Scenario
Analysts in the security operations center (SOC) were alerted via the IDS of malicious activity. They
have analyzed the suspected machine. From the machine, a particular program stood out. You have
been provided a sample of the program. In the form of a write-up, provide the requested information
below.
1. Are there any indicators you can carve out of the samples?
2. What are they?
3. How can you verify activity associated with said indicators?
4. Can you create filters with said indicators if they exist?
5. Is there any publicly available information about the threat?
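As an added illustration of how questions 1 through 4 can be approached in code (this is not part of the lab handout and does not use the lab's real sample), the script below carves network indicators out of a constructed stand-in byte blob, checks constructed proxy log lines for activity involving them, and turns them into a Wireshark display filter:

```python
import re
import ipaddress

# Constructed stand-in for the sample's bytes (not a real malware sample).
SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 16
    + b"http://203.0.113.45/update.php\x00" + b"Host: evil-example.test\x00"
    + b"192.168.1.1\x00" + b"999.1.1.1\x00" + b"ws2_32.dll\x00"
)
# Constructed proxy log lines used to verify activity against the indicators.
PROXY_LOG = [
    "10.0.0.5 GET http://203.0.113.45/update.php 200",
    "10.0.0.7 GET http://intranet.test/index.html 200",
    "10.0.0.9 CONNECT evil-example.test:443 200",
]
STRING_RE = re.compile(rb"[\x20-\x7e]{6,}")  # printable runs, like `strings -n 6`
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
URL_RE = re.compile(r"https?://[^\s\"'<>]+")
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+(?:test|com|net|org|info)\b", re.I)
# RFC 1918, loopback and link-local ranges are noise, not indicators.
LOCAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12",
              "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

def carve_strings(data):
    return [m.group().decode("ascii") for m in STRING_RE.finditer(data)]

def carve_indicators(data):
    # Pull candidate IPs, URLs and domains out of the sample's strings.
    ips, urls, domains = set(), set(), set()
    for s in carve_strings(data):
        for ip in IPV4_RE.findall(s):
            try:
                addr = ipaddress.ip_address(ip)  # rejects octets like 999
            except ValueError:
                continue
            if not any(addr in net for net in LOCAL_NETS):
                ips.add(ip)
        urls.update(URL_RE.findall(s))
        domains.update(d.lower() for d in DOMAIN_RE.findall(s))
    return {"ips": sorted(ips), "urls": sorted(urls), "domains": sorted(domains)}

def verify_activity(log_lines, indicators):
    # Return the log lines that mention any carved IP or domain.
    hits = indicators["ips"] + indicators["domains"]
    return [line for line in log_lines if any(h in line for h in hits)]

def wireshark_filter(indicators):
    # Build a Wireshark display filter that matches traffic to the indicators.
    terms = [f"ip.addr == {ip}" for ip in indicators["ips"]]
    terms += [f'http.host == "{d}"' for d in indicators["domains"]]
    return " || ".join(terms)
```

Against a real sample, feed the file's bytes to `carve_indicators` and your own proxy or DNS logs to `verify_activity`; the candidate list still needs manual triage, since benign strings (update servers, library names) will also surface.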