malware 39

• Exploring VenomRAT Metadata and Encryption with YARA - #100DaysOfYara Jan 2, 2025
• Decompiling a JPHP Loader with binwalk and cfr Jul 20, 2024
• Dissecting a Java Pikabot Dropper Mar 3, 2024
• Timelining a Malicious VHD for More Intelligence Aug 4, 2023
• Malware via VHD Files, an Excellent Choice Jul 23, 2023
• NetSupport Manager RAT from a Malicious Installer Feb 25, 2023
• BATLoader, Ursnif, and Redline, oh my! Jan 23, 2023
• .NET Downloader Leading to OriginLogger Jan 7, 2023
• Malware Weight Loss the Fast Way with Foremost Oct 22, 2022
• Bad Guys Hate This Trick for Malware Weight Loss! Oct 15, 2022
• Analyzing .NET Core Single File Samples (DUCKTAIL Case Study) Aug 7, 2022
• Analyzing a Pirrit adware installer May 13, 2022
• Shortcut to Emotet, an odd TTP change Apr 24, 2022
• Snip3 Crypter used with DCRat via VBScript Apr 16, 2022
• An AgentTesla Sample Using VBA Macros and Certutil Mar 26, 2022
• Formbook Distributed Via VBScript, PowerShell, and C# Code Mar 25, 2022
• Aggah PPAM macros renaming MSHTA Mar 4, 2022
• Analyzing a Stealer MSI using msitools Feb 12, 2022
• XLoader/Formbook Distributed by Encrypted VelvetSweatshop Spreadsheets Feb 11, 2022
• AgentTesla From RTF Exploitation to .NET Tradecraft Feb 6, 2022
• njRAT Installed from a MSI Feb 3, 2022
• STRRAT Attached to a MSI File Feb 2, 2022
• GuLoader Executing Shellcode Using Callback Functions Jan 27, 2022
• HCrypt Injecting BitRAT using PowerShell, HTAs, and .NET Jan 23, 2022
• BazarISO Analysis - Loading with Advpack.dll Jan 22, 2022
• Extracting Payloads from Excel-DNA XLL Add-Ins Jan 18, 2022
• Emotet's Excel 4.0 Macros Dropping DLLs Jan 17, 2022
• Analyzing a CACTUSTORCH HTA Leading to Cobalt Strike Jan 16, 2022
• Inspecting a PowerShell Cobalt Strike Beacon Jan 9, 2022
• Looking at PowerPoint Macros with Olevba Jan 7, 2022
• Decoding an Encoded Webshell Using NodeJS Jan 6, 2022
• Extracting Indicators from a Packed Mirai Sample Jan 4, 2022
• A Tale of Two Dropper Scripts for Agent Tesla Jan 3, 2022
• Analyzing a Magnitude EK Appx Package Dropping Magniber Jan 2, 2022
• Analyzing an IcedID Loader Document Jan 1, 2022
• Analyzing a Log4Shell log4j Exploit from Muhstik Dec 12, 2021
• Smarter, Not Harder: Getting Malware to Help You Analyze It Sep 5, 2021
• Analyzing an Empire macOS PKG Stager Feb 8, 2021
• How Qbot Uses Esentutl Feb 1, 2021