When it comes to analysis of malicious code, one often has to weigh the potential benefits of a quick, dynamic analysis, which might cause the code to interact with infrastructure operated by a threat actor and thus “break OPSEC”, against the benefits of a slower approach based mostly on static analysis techniques.
Article Link: https://isc.sans.edu/diary/rss/29798