Skip to main content

Malware Core

Download With Dependencies

Supporting pack for the Malware Investigation & Response pack.

Malware, or malicious software, is any program or file that is intentionally designed to be harmful to a computer, server, client, or computer network.
Malware investigations require security teams to reconcile data from multiple malware analysis and threat intelligence tools. Valuable time is lost shuttling between screens and executing repeatable tasks while an attack continues to manifest.
This Malware content pack contains the ‘Endpoint Malware Investigation - Generic’ playbook, that automates response to a malware found on an endpoint. The pack also contains the corresponding custom malware incident fields, views, and layouts to facilitate analyst investigation.
The Malware playbooks orchestrate across multiple products to extract and enrich IOCs, detonate malicious files, hunt for more IOCs within the organization, and perform remediation on the host.

What does this pack do?

This pack is a supporting pack for Malware Investigation & Response pack and includes supporting scripts, layouts, and fields.

Malware, or malicious software, is any program or file that is intentionally designed to be harmful to a computer, server, client, or computer network.
Malware investigations require security teams to reconcile data from multiple malware analysis and threat intelligence tools. Valuable time is lost shuttling between screens and executing repeatable tasks while an attack continues to manifest.
This Malware content pack contains the ‘Endpoint Malware Investigation - Generic’ playbook, that automates response to a malware found on an endpoint. The pack also contains the corresponding custom malware incident fields, views, and layouts to facilitate analyst investigation.
The Malware playbooks orchestrate across multiple products to extract and enrich IOCs, detonate malicious files, hunt for more IOCs within the organization, and perform remediation on the host.

What does this pack do?

This pack is a supporting pack for Malware Investigation & Response pack and includes supporting scripts, layouts, and fields.

PUBLISHER

Cortex

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

CertificationRead more
Supported ByCortex
CreatedMay 18, 2022
Last ReleaseFebruary 14, 2024
Malware
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.