Create Analysis.md

2020-01-02 18:34:47 +01:00 · 2020-01-02 18:34:47 +01:00 · 82e1ec57bb
commit 82e1ec57bb
parent 9bc280fb6c
1 changed files with 50 additions and 0 deletions
--- a/Analysis/Terraloader/02-01-20/Analysis.md
+++ b/Analysis/Terraloader/02-01-20/Analysis.md
@ -0,0 +1,50 @@
+# Analysis of Terraloader sample
+## Table of Contents
+* [Malware analysis](#Malware-analysis)
+* [Cyber kill chain](#Cyber-kill-chain)
+* [Indicators Of Compromise (IOC)](#IOC)
+* [References MITRE ATT&CK Matrix](#Ref-MITRE-ATTACK)
+* [Links](#Links)
+  + [Original Tweet](#tweet)
+  + [Link Anyrun](#Links-Anyrun)
+  + [Ressources](#Ressources)
+
+<h2>Malware analysis <a name="Malware-analysis"></a></h2>
+
+```javascript
+
+```
+
+<h2> Cyber kill chain <a name="Cyber-kill-chain"></a></h2>
+<h6>The process graph resume cyber kill chains used by the attacker :</h6>
+<p align="center">
+  <img src="https://raw.githubusercontent.com/StrangerealIntel/CyberThreatIntel/master/Indian/APT/SideWinder/25-12-19/Pictures/Cyber.png">
+</p>
+<h2> Indicators Of Compromise (IOC) <a name="IOC"></a></h2>
+<h6> List of all the Indicators Of Compromise (IOC)</h6>
+
+|Indicator|Description|
+| ------------- |:-------------:|
+|||
+
+<h6> The IOC can be exported in <a href="">JSON</a></h6>
+
+<h2> References MITRE ATT&CK Matrix <a name="Ref-MITRE-ATTACK"></a></h2>
+
+|Enterprise tactics|Technics used|Ref URL|
+| :---------------: |:-------------| :------------- |
+||||
+
+<h6> This can be exported as JSON format <a href="">Export in JSON</a></h6>
+<h2>Links <a name="Links"></a></h2>
+<h6> Original tweet: </h6><a name="tweet"></a>
+
+* [https://twitter.com/Ledtech3/status/1211760115008888832](https://twitter.com/Ledtech3/status/1211760115008888832) 
+
+<h6> Links Anyrun: <a name="Links-Anyrun"></a></h6>
+
+* [Job Description.js](https://app.any.run/tasks/1b909852-114b-4a4c-8b90-f36016501d6d)
+
+<h6> Resources : </h6><a name="Ressources"></a>
+
+* [Analysis of TerraLoader sample from Vitali Kremez](https://twitter.com/VK_Intel/status/1211758023376592896)