Trusted Design

Down the Rabbit Hole: Botnet Analysis for Non-Reverse Engineers

概要

Talos is often tasked with mapping the backend network for a specific piece of malware. One approach is to first reverse engineer the sample and determine exactly how it operates. But what if there is no time or resources to take the sample apart? This post is going to show how to examine a botnet from the Fareit family, starting with just an IP address. Then, using sandbox communities like Cisco ThreatGRID and open source products like Gephi and VirusTotal, we will track down and visualize the botnet.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

• Fareit botnet family (score: 0.59)
• Exploring a P2P Transient Botnet - From Discovery to Enumeration (score: 0.59)
• Mirai Botnet Indicators (score: 0.59)
• A New All-in-One Botnet: Proteus (score: 0.57)
• Cisco's Talos Intelligence Group Blog: The Many Tentacles of the Necurs Botnet (score: 0.57)

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る