Forum Discussion
Analyse a File/Document
Hello guys,
I am looking for a method to analyze files like VirusTotal. I have a .exe & .msi file and also the SHA1 & SHA256 hashes. I want to check the files; how can I do it? We have Defender for Business enrolled.
YN2023 hi,
So, I see three pathways here. One reflects sandboxing, and the others reflect IoC feed checks.
First, regarding sandboxing, you may check a solution like Intezer; it is a very good product which automates both sandboxing for files at the endpoints as well as IoC checks. Of course, this service doesn't come for free; you may want to perform a PoC and then decide if it fits your needs.
On the other hand, regarding IoC checks, you can check this repo and enhance your detection capacity and integrate analytics regarding threat intel feeds.
Finally, another option would be to load relevant connectors from the Content hub, but again this requires some sort of subscription from a product like Intel471, or even Microsoft's Defender Threat Intelligence.
If I have answered your question, please mark your post as Solved.
If you like my response, please consider giving it a like.
- cyb3rmik3, Iron Contributor
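As an added example (not part of the original thread, and not the repo the answer refers to): a local hash-IoC check in Python that streams a file once, computes the SHA1 and SHA256 digests the question mentions, and matches them against a threat-intel hash feed. The feed format, its entries and the `setup.exe` stand-in file are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

ALGO_BY_LENGTH = {40: "sha1", 64: "sha256"}  # hex digest length -> algorithm
HEX = set("0123456789abcdefABCDEF")

# Constructed sample feed (not real indicators): "hash,label" lines, '#' comments.
SAMPLE_FEED = """\
DA39A3EE5E6B4B0D3255BFEF95601890AFD80709,empty-file-sha1  # upper-case on purpose
2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824,hello-sha256
not-a-hash,ignored
"""

def parse_feed(text):
    """Return {algorithm: {digest: label}}, skipping comments and malformed lines."""
    feed = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        value, _, label = (part.strip() for part in line.partition(","))
        algo = ALGO_BY_LENGTH.get(len(value))
        if algo and set(value) <= HEX:
            # Normalise case so feed entries compare equal to hexdigest() output.
            feed.setdefault(algo, {})[value.lower()] = label or "unlabelled"
    return feed

def hash_file(path, algos, chunk_size=1 << 20):
    """Stream the file once and compute every requested digest."""
    hashers = {a: hashlib.new(a) for a in algos}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {a: h.hexdigest() for a, h in hashers.items()}

def check_file(path, feed):
    """Return [(algorithm, digest, label)] for each digest of the file found in feed."""
    digests = hash_file(path, tuple(feed))
    return [(a, d, feed[a][d]) for a, d in digests.items() if d in feed[a]]

def demo(content=b"hello"):
    """Write constructed bytes to a stand-in setup.exe and check it against the feed."""
    with tempfile.TemporaryDirectory() as tmp:
        sample = Path(tmp, "setup.exe")
        sample.write_bytes(content)
        return check_file(sample, parse_feed(SAMPLE_FEED))

if __name__ == "__main__":
    print(demo())
```

A hash match only covers files already known to the feed; an unmatched file is not thereby clean, which is where the sandboxing pathway comes in.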