File Analysis Archives

.NET Malware 101: Analyzing the .NET Executable File Structure

Welcome to our deep dive into the world of .NET malware reverse engineering. As a security researcher or analyst, you’re likely aware...

Supercharge These 3 Top Incident Response SOAR Playbooks

Quick and accurate responses to threats are essential for cybersecurity teams. SOAR playbooks provide structured workflows to handle common security incidents. However,...

How to Analyze Malicious Microsoft Office Files

Microsoft Office files (and other file types commonly used for delivering malware, including binary files, documents, scripts, and archives) are supported in...

Beyond Files: Automate URL Analysis with Intezer Analyze

October 2023 Update: Intezer now analyzes URLs, including detecting QR codes, that we collect as evidence for automated alert triage and phishing...

Malware Reverse Engineering for Beginners - Part 1: From 0x0

Already familiar with assembly language and disassemblers? Check out Reverse Engineering for Beginners Part 2 to dig into how malware is packed,...

Teaching Capa New Tricks: Analyzing Capabilities in PE and ELF Files

When analyzing malware, one of the goals in addition to identifying what malware it is, is to understand what it does when...

Intezer Analyze Community: Buhtrap, Divergent, Kronos, and More

In this month’s community highlights we see a range of malware types, including banking trojans, exploit kits, and nation-state sponsored threats. 1)...

Intezer Analyze Community Halloween Edition: Trickbot or Treat!

In the spirit of Halloween we’re spotlighting three “spooky” threats detected by the Intezer Analyze community in October. And as a special...

Intezer Analyze Community: GonnaCry, HawkEye, BXAQ and More

In July, Intezer Analyze community detections included GonnaCry ransomware, the HawkEye malware kit, and BXAQ, the spyware that Chinese authorities have been...

Intezer Analyze Community: BlackSquid, RobbinHood Ransomware and More

1) BlackSquid [Link to Analysis] BlackSquid is a Monero crypto-miner which was recently discovered by researchers at Trend Micro. According to Trend...

Chinese APTs Rising: Key Takeaways from the Intezer Analyze Community in May

1) Pirpi (APT3) [Link to Analysis] APT3, commonly referred to as Gothic Panda, TG-0110 and Buckeye, is a Chinese cyber espionage group...

Top Five Community Uploads | April 2019

This month’s Intezer Analyze community findings include malware employed by two cyber espionage groups linked to the Russian government and an endpoint...

Meet the Team: Shaul Holtzman

Get to know Intezer’s community manager, Shaul Holtzman. Shaul is a former cybersecurity analyst helping organizations detect and classify advanced cyber threats....