Threat Intelligence Example

• Class: Malware Analysis and Incident Forencsis
• Topic: Threat Intelligence

Even from the Day 1 some important information are available, the email address of the sender, and the PDF file.

Further information that can be extracted from the proxy log connections originating from Bob’s PC. The mail header can also be used to gather extra information.