Hourly Rate: Not Sure | Duration: Not Sure | Posted: Nov 26, 2015 | Ends: 13d, 17h
Malware Behavior/Indicator Researcher

I need to automate the detection of malware presence in a Windows system, with just the click of a button!

BACKGROUND: I have a dataset from potentially compromised Windows systems. Detecting malware is possible by looking at various IOCs or behavior, but I want to automate the detection of malware behaviors or presence very quickly.

Here are some examples of what I need as delivery of this project:

Indicator #1:
- Category: Process Name or Path
- Name: Multiple instances of "lsass" process running
- Description: If "lsass.exe" is running multiple instances on a machine, then the host is possibly compromised
- How to Identify: To detect this behavior, look for the list of processes running on the system and the path in which they are executed. Run task listing command to identify the processes running
- Example: If the "lsass.exe" that is running is other than "%WINDIR%\system32\lsass.exe," then the proce...
Category: Networking & Security
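
An offline check for Indicator #1 as described in the posting, added here as an example and not part of the original posting. It assumes the collected process list was exported as CSV with Host, Name, ProcessId and ExecutablePath columns (a constructed format) and that %WINDIR% is C:\Windows; the function name and finding labels are hypothetical.

```python
import csv
import io
import ntpath
from collections import defaultdict

# Constructed sample data; the column names are an assumed export format.
SAMPLE = r"""Host,Name,ProcessId,ExecutablePath
WS01,lsass.exe,612,C:\Windows\System32\lsass.exe
WS01,svchost.exe,900,C:\Windows\System32\svchost.exe
WS02,lsass.exe,604,c:\windows\system32\lsass.exe
WS02,LSASS.EXE,4420,C:\Users\Public\lsass.exe
WS03,lsass.exe,588,
"""

def lsass_findings(csv_text, windir=r"C:\Windows"):
    """Return sorted (host, pid, finding) tuples for the lsass indicator."""
    # Windows paths are case-insensitive, so compare normalised forms.
    expected = ntpath.normcase(ntpath.join(windir, "system32", "lsass.exe"))
    by_host = defaultdict(list)
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Name"].strip().lower() == "lsass.exe":
            by_host[row["Host"]].append(row)

    findings = []
    for host, procs in by_host.items():
        for proc in procs:
            pid = int(proc["ProcessId"])
            path = (proc["ExecutablePath"] or "").strip()
            if len(procs) > 1:
                # More than one lsass.exe on the same host.
                findings.append((host, pid, "multiple_instances"))
            if not path:
                # The collector could not read the path: report it, do not guess.
                findings.append((host, pid, "path_unavailable"))
            elif ntpath.normcase(ntpath.normpath(path)) != expected:
                # lsass.exe running from outside %WINDIR%\system32.
                findings.append((host, pid, "unexpected_path"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in lsass_findings(SAMPLE):
        print(finding)
```

A missing path is reported separately from a wrong path so that a collection gap is not counted as a compromise indicator.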