Tools

To help you with the analysis, here are some useful tools.

Automation of analysis

In order to save time and for small emails, you can go to Phistool. Just create a free account to submit your files.

Website link

This section relates to the software allowing to analyze the URLs present in the mails.

url2png

URL2PNG is a site that allows you to take a screen capture of a site by providing only the URL without having to risk the security of your computer.

VirusTotal

VirtusTotal is the part dedicated to URL analysis. VirusTotal provides instant URL rating from nearly 100 anti-virus solutions.

Be careful, just because a site is not listed as unreliable does not mean it is. A website set up a few days before the attack will not yet have been detected by antivirus solutions.

Talos IP et and Domain Reputation Center

This tool allows you to check the reliability of a site by checking the site's reputation with Talos (Cisco), location, whois, etc.

Files

VirusTotal

VirusTotal allows you to test a file (via import or hash check).

Talos File Réputation

Talos File Reputation allows you to test a file by providing only the hash.

Hybrid analysis

This website s great, because it allows you to test sites as well as files (exe, pdf, etc.) or even hashes within a sandbox and generate YARA detection rules.

On the other hand, it is longer (sometimes 10 minutes for a pdf) but in the event of a new threat, a more reliable result is obtained.