Hello everyone, I have shared a number of documents with you which should be used this week to work on this project. Essentially, you are to select a process in the file "University Incidents" and w

Threat Intelligence Report

Barkly Incident

Date: Current Date

Name: Your Name

Name of Process Investigated

Timestamp of Barkly Incident

Introduction: What type of malware is associated with the above process

Identification: Type of file; name; size; hashes; malware names; current anti-virus detection capabilities

Characteristics of malware:

  • Basic process overview

  • Symptoms (How do you know it's on your computer)

  • Capabilities: infecting files; self-preservation; spreading; leaking data; stealing data (type); command and control (directions from hacker)

  • Dependencies: Files and network resources related to functionality (supported OS versions, required initialization files, custom DLLs, executables, URLs, scripts, folders, etc.)

  • Connections (outbound / inbound)

  • Associated domains

  • Attacker information (what group is known to use it)

Supporting Figures:

  • Logs, screenshots, string excerpts, function listings (may require access to individual machines… may not be possible, but may have success on the internet).

Incident Mitigation:

  • Indicators for detection on other systems

  • Eradication process (how do we get rid of it)
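For the Identification section (file type, size, hashes), the string excerpts under Supporting Figures, and the hash-based indicators under Incident Mitigation, the following Python helper is an added example, not part of the assignment or of any document shared for it. The magic-byte table is a small hand-picked list, the sample file bytes are constructed (a fake MZ header, not a real sample), and the indicator dictionary uses the well-known SHA-256 of the empty file as a stand-in for a published hash, so everything runs offline.

```python
import hashlib
import re

# Hand-picked magic-byte prefixes for a file-type guess (assumption: a tiny
# table for the example, not an exhaustive signature database).
MAGIC_SIGNATURES = [
    (b"MZ", "Windows PE executable"),
    (b"\x7fELF", "ELF executable"),
    (b"%PDF", "PDF document"),
    (b"PK\x03\x04", "ZIP archive (also Office OOXML / JAR)"),
    (b"\xd0\xcf\x11\xe0", "OLE compound document (legacy Office)"),
]


def guess_file_type(data: bytes) -> str:
    """Return a label for the first matching magic-byte prefix, else 'unknown'."""
    for magic, label in MAGIC_SIGNATURES:
        if data.startswith(magic):
            return label
    return "unknown"


def identify_file(data: bytes, name: str = "sample.bin") -> dict:
    """Collect the Identification fields the report template asks for:
    name, size, file type and the three hashes vendors usually publish."""
    return {
        "name": name,
        "size": len(data),
        "type": guess_file_type(data),
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def extract_strings(data: bytes, min_len: int = 4) -> list:
    """Pull printable ASCII runs (like the `strings` tool) for the
    'string excerpts' supporting figure; URLs and paths tend to surface here."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.decode("ascii") for m in re.findall(pattern, data)]


def match_indicators(info: dict, known_hashes: dict) -> list:
    """Compare the file's hashes against {hex_hash: malware_name} (hashes
    copied from a vendor report) and return (algorithm, name) hits. This is
    the simplest 'indicator for detection on other systems': run the same
    hashes over files on another host and look for a match."""
    hits = []
    for algo in ("md5", "sha1", "sha256"):
        family = known_hashes.get(info[algo].lower())
        if family:
            hits.append((algo, family))
    return hits


# Constructed sample: a fake MZ header padded to 128 bytes, not real malware.
SAMPLE_PE = b"MZ" + b"\x90" * 62 + b"PE\x00\x00" + b"\x00" * 60

# Constructed blob for the strings demo: two readable runs around binary noise.
SAMPLE_BLOB = b"\x00\x00hello world\x01ab\x00http://example.invalid/c2\x00"

# Constructed indicator list: SHA-256 of the empty file stands in for a
# published IoC so the matcher has something to hit offline.
KNOWN_HASHES = {
    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":
        "placeholder-malware-family",
}

if __name__ == "__main__":
    info = identify_file(SAMPLE_PE, "suspicious.exe")
    for key, value in info.items():
        print(f"{key}: {value}")
    print("strings:", extract_strings(SAMPLE_BLOB))
    print("indicator hits:", match_indicators(identify_file(b""), KNOWN_HASHES))
```

To use it on a real file from the incident, read the bytes with `open(path, "rb").read()`, paste the resulting hashes into the Identification section, and load the vendor-published hashes into `KNOWN_HASHES` before running `match_indicators` across other hosts; a hash match is a strong but narrow indicator, since any byte change in the sample defeats it, so pair it with the domains and connections listed under Characteristics.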