Using similarity to expand context and map out threat campaigns
TL;DR: VirusTotal allows you to search for similar files according to different orthogonal notions (structure, visual layout, icons, execution behaviour, etc.). File similarity can be combined with the “have:” search modifier in order to gain more cont…