Who Littered the Sandbox? Scooping Up New Malware Behavior

Explore the world of malware behavior analysis in this insightful conference talk from HITB CyberWeek 2021. Dive into Olaf Hartong's research on processing and analyzing sandbox telemetry from over half a million malware samples. Learn about the links between major malware families and ransomware, and discover how to create meaningful detections for initial infection stages. Gain valuable insights into acquiring and processing large-scale data to track behavioral changes and identify commonalities in malware. Follow Hartong's journey as he shares his experiences and findings, offering a unique perspective on improving cybersecurity defenses through understanding attacker tradecraft.

Intro
ZDN article
Rebranding
Marketing
Spaghetti Picture
Microsoft Sentinel
Parsers
Why do I do this
Mimetypes
dlls
More groups
Com
Com Objects
dll register
What can they do
Detection
Questions