Assemblyline 101 - Open Source Malware Triage

ID: eaa0247f-0a1f-5690-8530-883ddb593c50

STIX ID: report--eaa0247f-0a1f-5690-8530-883ddb593c50

Feed Name: Pulsedive Blog

Threat Score: 25/100

Date Published: 2025-01-07

Date Updated: 2026-04-28

Author: Pulsedive Threat Research

Assemblyline is an open-source malware triage and analysis platform; this report provides an overview of its services, Docker-based installation and deployment steps, and a maldoc analysis example showing remote template injection and extraction of IOCs. The guide demonstrates how Assemblyline aggregates results from multiple services to flag suspicious files, extract embedded files/URLs, and present heuristics and reputation-based indicators to speed analyst triage.