Abstract: Malware analysis is a challenging task and is usually the first step in a malware incident response plan. The analyst must deliver accurate reports quickly so that the next necessary solutions can be implemented. In this paper, we propose a basic malware analysis process based on the open-source tools in the FireEye ecosystem, including Flare-VM, FLOSS, StringSifter, CAPA, and FakeNet-NG. Combining these tools logically according to a specific analysis process will simplify the analysis, shorten malware handling time, and bring higher efficiency.