Too Long; Didn't Read
In the <a href="https://www.alienvault.com/blogs/labs-research/malware-analysis-using-osquery-part-1" target="_blank">first part</a> of this series, we saw how you can use Osquery to analyze malware and extract valuable information about its behavior. In that post, we followed the activity of the known Emotet loader, which is commonly used to distribute banking trojans. Using Osquery, we were able to discover how it infects a system through a malicious Microsoft Office document and how it extracts and executes the payload.