Enter Sandbox 28: Automated access primitives extraction
In my previous post about TI I hinted that malware sample sandboxing (f.ex. extracting configs, credentials, domains, emails, (S)FTP accounts) – identifying TTPs is a great TI data source… I must admit that there is so much juice to absorb …