6.1.3. Upload to www.threatexpert.com to get High Level overview
6.1. Identify the Threat and Attack Vectors
6.1.3. Upload to www.threatexpert.com to get High Level overview
6.1.3.1. Does the executable modify critical files?
6.1.3.2. Does the executable modify common load points in the
6.1.3.3. Does the executable open communications to the internet? and
6.1.3.4. Does packet capture reveal specific file names or unique
6.1.0. Acquire Binary
6.1.1. Submit the file to Symantec Response
6.1.2. Upload to VirusTotal.org
6.1.4. Configure SEP to higher security state
6.1.5. Upload to Anubis.iseclab.org
6.1.6. Observed Activity
6.1.7. Run SEP Support tool
By Efrain Ortiz