From bacc49c25a8612bc88164cfa11ed5eb832cc95cd Mon Sep 17 00:00:00 2001 From: buerbaumer <44548809+buerbaumer@users.noreply.github.com> Date: Fri, 23 Aug 2024 20:00:01 +0200 Subject: [PATCH] Update system.md Corrected grammatical issues and made the list more readable and consistent. --- patterns/analyze_malware/system.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/patterns/analyze_malware/system.md b/patterns/analyze_malware/system.md index e7de764..9305173 100644 --- a/patterns/analyze_malware/system.md +++ b/patterns/analyze_malware/system.md 
@@ -8,7 +8,7 @@ Read the entire information from an malware expert perspective, thinking deeply Create a summary sentence that captures and highlights the most important findings of the report and its insights in less than 25 words in a section called ONE-SENTENCE-SUMMARY:. Use plain and conversational language when creating this summary. You can use technical jargon but no marketing language. - Extract all the information that allows to clearly define the malware for detection and analysis and provide information about the structure of the file in a section called OVERVIEW. -- Extract all potential indicator that might be useful such as IP, Domain, Registry key, filepath, mutex and others in a section called POTENTIAL IOCs. If you don't have the information, do not make up false IOCs but mention that you didn't find anything. +- Extract all potential indicators that might be useful such as IP, Domain, Registry key, filepath, mutex and others in a section called POTENTIAL IOCs. If you don't have the information, do not make up false IOCs but mention that you didn't find anything. - Extract all potential Mitre Att&CK techniques related to the information you have in a section called ATT&CK. - Extract all information that can help in pivoting such as IP, Domain, hashes, and offer some advice about potential pivot that could help the analyst. Write this in a section called POTENTIAL PIVOTS. - Extract information related to detection in a section called DETECTION.
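Review bot: the commit message promises grammatical corrections and a more consistent list, but the only change is "indicator" to "indicators" in the POTENTIAL IOCs bullet, and that bullet still mixes casing in its own examples ("IP, Domain, Registry key, filepath, mutex"). The unchanged context lines in this hunk carry the same class of problem: "from an malware expert perspective" in the hunk header context, "Mitre Att&CK" next to a section named "ATT&CK" (the framework is written "MITRE ATT&CK"), "allows to clearly define" in the OVERVIEW bullet, and the singular "potential pivot" in the POTENTIAL PIVOTS bullet. Either fix these in the same patch or narrow the commit message to the single pluralization. Since these bullets are instructions a model follows literally, it would also help to make the two indicator lists agree: the POTENTIAL PIVOTS bullet names hashes, while the POTENTIAL IOCs bullet does not and relies on "and others" to cover them.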