malware 22

• BATLoader, Ursnif, and Redline, oh my! 2023-01-23
• .NET Downloader Leading to OriginLogger 2023-01-07
• Malware Weight Loss the Fast Way with Foremost 2022-10-22
• Bad Guys Hate This Trick for Malware Weight Loss! 2022-10-15
• Analyzing .NET Core Single File Samples (DUCKTAIL Case Study) 2022-08-07
• Analyzing a Pirrit adware installer 2022-05-13
• Shortcut to Emotet, an odd TTP change 2022-04-24
• Snip3 Crypter used with DCRat via VBScript 2022-04-16
• An AgentTesla Sample Using VBA Macros and Certutil 2022-03-26
• Formbook Distributed Via VBScript, PowerShell, and C# Code 2022-03-25
• Aggah PPAM macros renaming MSHTA 2022-03-04
• Analyzing a Stealer MSI using msitools 2022-02-12
• XLoader/Formbook Distributed by Encrypted VelvetSweatshop Spreadsheets 2022-02-11
• AgentTesla From RTF Exploitation to .NET Tradecraft 2022-02-06
• njRAT Installed from a MSI 2022-02-03
• STRRAT Attached to a MSI File 2022-02-02
• GuLoader Executing Shellcode Using Callback Functions 2022-01-27
• HCrypt Injecting BitRAT using PowerShell, HTAs, and .NET 2022-01-23
• BazarISO Analysis - Loading with Advpack.dll 2022-01-22
• Extracting Payloads from Excel-DNA XLL Add-Ins 2022-01-18
• Emotet's Excel 4.0 Macros Dropping DLLs 2022-01-17
• Inspecting a PowerShell Cobalt Strike Beacon 2022-01-09