def get_content() -> list[dict[str, str]]:
    """Return the reference material for malware analysis and response.

    Each entry is a dict with two keys: ``title`` (section heading) and
    ``content`` (a multi-line bullet list, newline-delimited). The entries
    are returned in the fixed order below; nothing is computed at runtime.
    """
    # (title, body) pairs; bodies keep the surrounding newlines of the
    # original multi-line literals so rendered output is unchanged.
    sections = (
        (
            "File Analysis Tools",
            "\n"
            "- Tools: Volatility, Cuckoo Sandbox, MalwareBazaar.\n"
            "- Snapshot analysis highlights changes post-execution.\n",
        ),
        (
            "Indicators and Artifacts",
            "\n"
            "- Prefetch: Tracks execution times and paths.\n"
            "- Amcache: Logs SHA-1 hashes and execution metadata.\n",
        ),
        (
            "Persistence Mechanisms",
            "\n"
            "- Common Techniques: Scheduled Tasks, Registry Keys, Startup Folders, Services.\n",
        ),
    )
    return [{"title": heading, "content": body} for heading, body in sections]