Behavioral task: behavioral1
Sample: Digital forensics and incident response incident response techniques and procedures to respond to m.pdf
Resource: win7-20220901-en

Behavioral task: behavioral2
Sample: Digital forensics and incident response incident response techniques and procedures to respond to m.pdf
Resource: win10v2004-20220812-en
General
Target: Digital forensics and incident response incident response techniques and procedures to respond to modern cyber threats (Gerard Johansen) (z-lib.org).pdf
Size: 67.6MB
MD5: 4b05d8c40a8facdea608f8a5dba6cd06
SHA1: c4c27a817c6b63164d1de3e0889302b5d92c2d7d
SHA256: e84fcb4980ba29bec4425981d3339e70b20c80516ad299f5f3f5c1d14e720155
SHA512: 2b016df3a9514ddeb9ea6dc84c5b5b26ef06890b3310f44ec694fcec5d94d38eddf152ab1ba490012ec47aa3282715cb74353378bca6416ff636c82ac781b9fc
SSDEEP: 1572864:X2OPjqNkw83WJ12SzWsMWFNZjh5XLZZFYc9Hg4viub6:mO7qNklwASd9jh5VZ2c24quW
Malware Config
Signatures
Files
Digital forensics and incident response incident response techniques and procedures to respond to modern cyber threats (Gerard Johansen) (z-lib.org).pdf.pdf