jhaaaryan/malware-analysis-threat-investigation

GitHub: jhaaaryan/malware-analysis-threat-investigation

Stars: 0 | Forks: 0

# malware-analysis-threat-investigation

Static and dynamic malware analysis project focused on persistence detection, IOC extraction, and PCAP-based threat investigation.

## Overview

This repository contains malware analysis reports, IOC extraction examples, YARA practice, and network traffic investigation notes created while practicing malware analysis and digital forensics concepts.

## Skills Demonstrated

* Static Malware Analysis
* Dynamic Malware Analysis
* IOC Extraction
* PCAP Analysis
* Threat Investigation
* Persistence Analysis
* MITRE ATT&CK Mapping

## Tools Used

* Ghidra
* Wireshark
* Process Hacker
* Procmon
* YARA
* VirusTotal

## Repository Structure

* `static-analysis/`
  * static analysis reports
  * suspicious strings
  * YARA examples
* `dynamic-analysis/`
  * execution behavior analysis
  * persistence observations
  * malware timelines
* `pcap-analysis/`
  * network traffic investigation
  * IOC extraction
  * DNS/HTTP analysis
* `tooling/`
  * small IOC parsing script
* `notes/`
  * consolidated malware analysis learning notes
* `badges/`
  * LetsDefend completion badges

## Important Note

No live malware samples are uploaded in this repository. Only sanitized educational artifacts, notes, indicators, and safe analysis outputs are included.

## Key Learning Outcomes

* analyzed suspicious executables
* investigated malware persistence mechanisms
* reconstructed timelines from PCAP traffic
* extracted indicators of compromise
* mapped activity to MITRE ATT&CK techniques