Pi-One Malware Analysis
Besides computer forensics, Pi-One also provides Malware Analysis as a service. The capability to analyse malicious software is an important factor in the analysis of compromises or advanced persistent threats (APTs), as it provides helpful clues about the extent of an attack and about the attacker. We distinguish two different parts of malware analysis:
- Automated Sandbox Analysis
- Manual Analysis (Reverse Engineering)
During the automated analysis, malware is executed in a controlled and monitored environment. As a result, we receive a quick view of system modifications and of how the malware communicates with the outside world.
However, automated analysis does not necessarily observe all relevant functionality of a malware sample. As some behavior might only trigger on certain events (e.g. a certain date), manual analysis is an essential step in malware analysis.