Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create a MISP event on a malware incident – dynamic malware analysis #3

Closed
cudeso opened this issue Feb 15, 2023 · 0 comments
Closed

Create a MISP event on a malware incident – dynamic malware analysis #3

cudeso opened this issue Feb 15, 2023 · 0 comments
Assignees
@cudeso
Labels
needs triage This issue has been automatically labelled and needs further triage playbook:activity=3 Playbooks for activity 2 playbook:state=proposal A 'proposal' for a new playbook

Comments

@cudeso
Copy link
Collaborator

cudeso commented Feb 15, 2023
edited
Loading

The title of the playbook

Create a MISP event on a malware incident – with sample

Purpose of the playbook

Variants of the malware incident playbook can be made with VMRay, Joe Sandbox or Cuckoo.
Similar as #2

External resources used by this playbook

VMRay, Joe Sandbox, Cuckoo, MWDBcore, VirusTotal, OTX, Hashlookup, Mattermost (or Slack), TheHive (optional), DFIR-IRIS (optional)

Target audience

SOC, CSIRT

Breefly list the execution steps or workflow

No response
@cudeso cudeso added playbook:state=proposal A 'proposal' for a new playbook needs triage This issue has been automatically labelled and needs further triage labels Feb 15, 2023
@cudeso cudeso self-assigned this Feb 15, 2023
@cudeso cudeso added the playbook:activity=3 Playbooks for activity 2 label Oct 24, 2023
@cudeso cudeso closed this as completed in 3f3ab77 Nov 14, 2023
@cudeso cudeso changed the title Create a MISP event on a malware incident – with sample Create a MISP event on a malware incident – dynamic malware analysis Dec 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cudeso cudeso

Labels
needs triage This issue has been automatically labelled and needs further triage playbook:activity=3 Playbooks for activity 2 playbook:state=proposal A 'proposal' for a new playbook
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@cudeso