Malware Analysis using Osquery Part 2

September 6, 2018 | Javier Ruiz
Javier Ruiz

Javier Ruiz

Javier Ruiz is a Security Researcher working in AlienVault Labs team. He is very passionate about the InfoSec world and loves to do investigation and contribute to the community. Prior to working in security roles he studied Telecommunication Engineering and also has a masters degree in cybersecurity. His main passion is focused on analyzing malware, reverse engineering and learning about new ways of attacking endpoint systems.

September 6, 2018 | Javier Ruiz

Malware Analysis using Osquery Part 2

In the first part of this series, we saw how you can use Osquery to analyze and extract valuable information about malware’s behavior. In that post, we followed the activity of the known Emotet loader, popular for distributing banking trojans. Using Osquery, we were able to discover how it infects a system using a malicious Microsoft Office document…

July 31, 2018 | Javier Ruiz

Malware Analysis using Osquery Part 1

Tools like Sysmon and Osquery are useful in detecting anomalous behavior on endpoints. These tools give us good visibility of what’s happening on endpoints by logging multiple types of events, which we can forward to a SIEM or other correlation system for analysis.In this blog series, we’ll analyze different malware families, looking at the types…

Get the latest security news in your inbox.

Subscribe via Email

June 1, 2018 | Javier Ruiz

Satan Ransomware Spawns New Methods to Spread

Today, we are sharing an example of how previously known malware keeps evolving and adding new techniques to infect more systems.BleepingComputer first reported on Satan ransomware in January 2017. Recently, Satan Ransomware was identified as using the EternalBlue exploit to spread across compromised environments (BartBlaze’s blog). This is the same exploit associated with a previous WannaCry Ransomware campaign.…

Watch a Demo ›
GET PRICE FREE TRIAL CHAT