IMPLEMENTATION OF DYNAMIC METHOD FOR MALWARE DETECTION IN EMAIL PHISHING ATTACKS ON LET'S DEFEND

Abstract

In the rapidly evolving landscape of cybersecurity threats, the need for robust defenses against phishing attacks has become paramount. This study explores the efficacy of malware detection in phishing email attacks using dynamic analysis on the Letsdefend.io platform. Leveraging the insights provided by the Deloitte Center for Controllership regarding the escalating frequency of cyber adversaries targeting organizational data, this research investigates the effectiveness of the Letsdefend.io platform, particularly utilizing the SOC 146 rule, in identifying and mitigating phishing threats. Through a comprehensive analysis process encompassing dynamic malware analysis techniques, such as those employed by VirusTotal and URLHaus, alongside detailed examination of suspicious email attachments using the Mailbox feature, this study aims to provide insights into the evolving tactics of phishing attackers, specifically those utilizing Excel 4.0 Macros. The research methodology involves collecting malware samples for analysis, configuring sandbox environments with tools like Process Monitor and Regshot, and utilizing sophisticated analysis tools like ProcDot to visualize malware behavior. Additionally, the study examines the effectiveness of the Letsdefend.io platform in detecting phishing URLs and malicious domains reported by AnyRun and URLHaus databases. The findings reveal promising results in the detection and identification of phishing threats, shedding light on the potential of dynamic analysis methods in bolstering cybersecurity defenses against evolving phishing techniques. This research contributes to the ongoing efforts to enhance cybersecurity measures and protect organizational assets from the pervasive threat of phishing attacks.