performing-malware-ioc-extraction

Installation
SKILL.md

Performing Malware IOC Extraction

Overview

Malware IOC extraction is the process of analyzing malicious software to identify actionable indicators of compromise including file hashes, network indicators (C2 domains, IP addresses, URLs), registry modifications, mutex names, embedded strings, and behavioral artifacts. This skill covers static analysis with PE parsing and string extraction, dynamic analysis with sandbox detonation, automated IOC extraction using tools like YARA, and formatting results as STIX 2.1 indicators for sharing.

When to Use

  • When conducting security assessments that involve performing malware ioc extraction
  • When following incident response procedures for related security events
  • When performing scheduled security testing or auditing activities
  • When validating security controls through hands-on testing

Prerequisites

Installs
34
GitHub Stars
24.2K
First Seen
Mar 18, 2026
performing-malware-ioc-extraction — mukul975/anthropic-cybersecurity-skills