Abstract
Objective. Currently, the main method of attack on organizations is malware. The problem of strengthening protection against this type of attack remains relevant and requires new approaches. The main task is to analyze malware to assess threats and timely detection and take action.Method. For analysis, you should use an isolated environment with a customized environment and software.Result. This paper describes the process of creating an isolated stand for malware analysis and conducted a practical analysis of the malware.bin file taken from the cyberdefenders.org educational resource. Network interfaces are configured to prevent impact to the network that connects the two virtual machines. As a result of the analysis of the techniques and features used in this malware, it was revealed that it belongs to the Dridex family of banking Trojans. To obtain information from this family, you can use the AppGate Lab Dridex Toolkit.Conclusion. Based on the analysis performed using static and dynamic methods, detection rules can be developed for further identification of malware.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
