Malware Configuration Parsers: An Essential Hunting Tool

Adam Goss, published in InfoSec Write-ups, Jan 29, 2024 (14 min read)

The majority of threat actors buy and use commodity malware. To tailor that malware to their own operations, they set configuration values that dictate how it behaves. Extracting and parsing this configuration is an essential skill for any threat hunter or detection engineer.

Malware configuration parsing allows you to correlate intrusions, track campaigns, enrich threat hunts…

Helping demystify cyber threat intelligence for businesses and individuals | CTI | Threat Hunting | Custom Tooling