FireEye | Matryoshka Mining: Lessons from Operation RussianDoll

Lessons from Operation RussianDoll

FireEye Labs detected an advanced persistent threat (APT) campaign exploiting a zero-day vulnerability in Windows last year. Mandiant, a FireEye company, has created a multi-faceted analysis of this campaign, known as Operation RussianDoll.

This paper provides tools and techniques that help security professionals recognize and conduct enhanced malware analysis.

Download the white paper to learn about:

  • Static analysis with IDA
  • Dynamic analysis with WinDbg
  • Analysis of win32k.sys
  • Exploit steps required for red team analysts to synthesize offensive tools based on APT malware

Download the Report
