Can I export the results to my existing security tools?

Yes, the skill is designed to format all extracted indicators into STIX 2.1 bundles, which are the industry standard for sharing threat intelligence with TIPs and SIEMs.

What libraries are necessary for this skill to function?

You will need Python 3.9+ along with the pefile, yara-python, oletools, and stix2 libraries installed in your analysis environment.

What types of files can this skill analyze?

This skill primarily focuses on Portable Executable (PE) files commonly found in Windows environments, but its string extraction and YARA components can be applied to various binary formats.

Does this skill require a sandbox environment?

The static analysis components can run in an isolated environment, but dynamic analysis features require access to external sandboxes like CAPE, Cuckoo, or Any.Run for safe detonation.

Malware IOC Extraction

Name: Malware IOC Extraction
Author: mukul975

bymukul975

•

4,121

•

セキュリティとテスト

Analyzes malicious software to identify and extract actionable indicators of compromise such as file hashes, network indicators, and behavioral artifacts.

This skill empowers security analysts to automate the extraction of critical threat intelligence from malware samples using both static and dynamic analysis techniques. It leverages specialized libraries for PE parsing, string extraction, and YARA rule matching to uncover malicious infrastructure, persistence mechanisms, and embedded file metadata. By standardizing outputs into the STIX 2.1 format, it streamlines the process of transforming raw binary analysis into shareable, machine-readable threat data suitable for incident response and proactive defense.

主な機能

01Identification of persistence mechanisms and behavioral artifacts

024,121 GitHub stars

03Generation of standardized STIX 2.1 threat intelligence bundles

04Automated string extraction for IPs, C2 domains, and registry paths

05Static analysis of PE file headers, imphashes, and metadata

06YARA-based malware classification and pattern matching

ユースケース

01Generating machine-readable threat intelligence for CTI sharing

02Analyzing suspicious binaries to identify command-and-control (C2) infrastructure

03Automating initial malware triage during incident response

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add mukul975/anthropic-cybersecurity-skills performing-malware-ioc-extraction

For use in Claude.ai and ChatGPT

主な機能

01Identification of persistence mechanisms and behavioral artifacts

024,121 GitHub stars

03Generation of standardized STIX 2.1 threat intelligence bundles

04Automated string extraction for IPs, C2 domains, and registry paths

05Static analysis of PE file headers, imphashes, and metadata

06YARA-based malware classification and pattern matching

ユースケース

01Generating machine-readable threat intelligence for CTI sharing

02Analyzing suspicious binaries to identify command-and-control (C2) infrastructure

03Automating initial malware triage during incident response

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add mukul975/anthropic-cybersecurity-skills performing-malware-ioc-extraction

For use in Claude.ai and ChatGPT