My name is Khaled Ashraf, and this is my graduation project titled CyberFortNox, a platform designed to automate threat intelligence and malware analysis. We employ various technologies and techniques that ensure fully automated, high-quality results. We also use AI technologies to classify certain malware samples for faster triage.
We provide three main solutions. First, we have the threat intelligence solution, which allows SOC teams to predict any future cyber threats or campaigns that threat actors could launch at any moment. This solution works by applying specific rules set by analysts. When these rules are triggered, analysts are notified immediately, enabling them to start investigating the campaign targeting their entity or critical infrastructure.
Our second solution is an automated malware analysis system. To make life easier for analysts, we have automated 90% of the static analysis process, allowing analysts to focus on the most critical parts of the triage. This process involves multiple stages, which we will explain in detail in the following sections.
The third solution is our automated unpacker. Malware developers often employ various obfuscation and encryption techniques to hide the true functionality of their malware. Our automated unpacker restores about 80% of the most popular samples, effectively overcoming their obfuscated or encrypted code.