XWorm

XWorm is a blue team lab in the Malware Analysis category. It covers the tools Detect It Easy, ProcMon, dnSpy, CFF Explorer, PEStudio, Python3 and RegShot, and the tactics Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery and Collection.

Learning Objectives

Analyze malware behavior to identify persistence methods, evasion techniques, and C2 infrastructure by extracting artifacts and configuration data from static and dynamic analysis.

Categories: Malware Analysis.

MITRE ATT&CK Tactics: Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Collection.

Tools: Detect It Easy, CFF Explorer, PEStudio, dnSpy, ProcMon, RegShot, Python3.

Difficulty: medium.