Forum Discussion
MichaelJMelone
Microsoft
Aug 05, 2020
Share Your Hunting Challenges!
Hello world! Tali Ash and I would love your input on anything you would like demo'ed in future webcasts! Want to see us demonstrate a specific hunting capability? Got a query challenge on your mind? ...
Reza_Ameri-Archived
Aug 05, 2020
Bronze Contributor
It might be a bit off topic, but it is still about hunting.
Normally, for suspicious and unknown files, we send them to the Microsoft Anti-Malware team and VirusTotal.
Sometimes I will use Process Explorer and Process Monitor to do some investigation on an infected PC.
As you may know, we normally don't have a malware research lab in our company, and sometimes we play around with VMs and Windows Sandbox, but at the end of the day we have to wait for a response from the Microsoft Anti-Malware team.
It would be nice to discuss ways we could investigate malware internally and protect our systems while we are waiting for a patch.
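An added example of the kind of internal triage setup the post above is asking about, not part of the original post or anything Microsoft published in this thread: a Windows Sandbox configuration file (.wsb) that detonates a sample with networking off, host sharing reduced to the minimum, the sample and Sysinternals tools mapped read-only, and Process Monitor started at logon so the trace is ready before the sample is launched. The host paths (C:\Samples, C:\Tools, C:\SandboxOut), the file name detonation.wsb and the trace name are assumptions; every mapped HostFolder must already exist on the host or the sandbox will refuse to start.

```xml
<!-- detonation.wsb (hypothetical name). Constructed example: double-click on a
     Windows 10/11 Pro or Enterprise host with the Windows Sandbox feature enabled. -->
<Configuration>
  <!-- No network: the sample cannot beacon out, pull a second stage, or reach the LAN. -->
  <Networking>Disable</Networking>

  <!-- Cut every optional host/guest sharing surface that the investigation does not need. -->
  <VGpu>Disable</VGpu>
  <ClipboardRedirection>Disable</ClipboardRedirection>
  <AudioInput>Disable</AudioInput>
  <VideoInput>Disable</VideoInput>
  <PrinterRedirection>Disable</PrinterRedirection>
  <!-- Runs the sandbox in the more restrictive AppContainer isolation mode. -->
  <ProtectedClient>Enable</ProtectedClient>
  <MemoryInMB>4096</MemoryInMB>

  <MappedFolders>
    <!-- Sample(s) under test. ReadOnly=true means the sample cannot modify its own
         source folder on the host. Mapped folders appear on the sandbox desktop
         (C:\Users\WDAGUtilityAccount\Desktop\<folder name>). -->
    <MappedFolder>
      <HostFolder>C:\Samples</HostFolder>
      <ReadOnly>true</ReadOnly>
    </MappedFolder>
    <!-- Sysinternals tools (Procmon64.exe, procexp64.exe, ...), also read-only. -->
    <MappedFolder>
      <HostFolder>C:\Tools</HostFolder>
      <ReadOnly>true</ReadOnly>
    </MappedFolder>
    <!-- The one deliberate exception: a writable folder so the Procmon trace survives
         the sandbox being closed. Anything that lands here was written by a machine
         that ran malware; treat it as hostile and never open it with anything but an
         analysis tool. -->
    <MappedFolder>
      <HostFolder>C:\SandboxOut</HostFolder>
      <ReadOnly>false</ReadOnly>
    </MappedFolder>
  </MappedFolders>

  <!-- Executed inside the sandbox at logon, before you touch the sample. Starts
       Procmon minimized, accepts its EULA non-interactively, and writes the trace
       straight to the writable mapped folder. The sample itself is launched by hand
       from the Samples folder so you control the moment of execution. -->
  <LogonCommand>
    <Command>cmd.exe /c start "" "C:\Users\WDAGUtilityAccount\Desktop\Tools\Procmon64.exe" /AcceptEula /Quiet /Minimized /BackingFile "C:\Users\WDAGUtilityAccount\Desktop\SandboxOut\trace.pml"</Command>
  </LogonCommand>
</Configuration>
```

Two caveats worth keeping in mind with this setup. First, the sandbox is discarded the moment the window is closed, so stop the Procmon capture (Ctrl+E) and let it flush before closing, otherwise the .pml in C:\SandboxOut may be truncated. Second, Windows Sandbox is a lightweight Hyper-V container that shares the host kernel image and is not hardened against VM-aware or sandbox-aware samples, so a benign-looking run is a weak signal; it is useful for a first look at file, registry and process activity while you wait on the Microsoft Anti-Malware team, not a replacement for a dedicated, network-isolated lab.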