malware 33
- BATLoader, Ursnif, and Redline, oh my! 2023-01-23
- .NET Downloader Leading to OriginLogger 2023-01-07
- Malware Weight Loss the Fast Way with Foremost 2022-10-22
- Bad Guys Hate This Trick for Malware Weight Loss! 2022-10-15
- Analyzing .NET Core Single File Samples (DUCKTAIL Case Study) 2022-08-07
- Analyzing a Pirrit adware installer 2022-05-13
- Shortcut to Emotet, an odd TTP change 2022-04-24
- Snip3 Crypter used with DCRat via VBScript 2022-04-16
- An AgentTesla Sample Using VBA Macros and Certutil 2022-03-26
- Formbook Distributed Via VBScript, PowerShell, and C# Code 2022-03-25
- Aggah PPAM macros renaming MSHTA 2022-03-04
- Analyzing a Stealer MSI using msitools 2022-02-12
- XLoader/Formbook Distributed by Encrypted VelvetSweatshop Spreadsheets 2022-02-11
- AgentTesla From RTF Exploitation to .NET Tradecraft 2022-02-06
- njRAT Installed from a MSI 2022-02-03
- STRRAT Attached to a MSI File 2022-02-02
- GuLoader Executing Shellcode Using Callback Functions 2022-01-27
- HCrypt Injecting BitRAT using PowerShell, HTAs, and .NET 2022-01-23
- BazarISO Analysis - Loading with Advpack.dll 2022-01-22
- Extracting Payloads from Excel-DNA XLL Add-Ins 2022-01-18
- Emotet's Excel 4.0 Macros Dropping DLLs 2022-01-17
- Analyzing a CACTUSTORCH HTA Leading to Cobalt Strike 2022-01-16
- Inspecting a PowerShell Cobalt Strike Beacon 2022-01-09
- Looking at PowerPoint Macros with Olevba 2022-01-07
- Decoding an Encoded Webshell Using NodeJS 2022-01-06
- Extracting Indicators from a Packed Mirai Sample 2022-01-04
- A Tale of Two Dropper Scripts for Agent Tesla 2022-01-03
- Analyzing a Magnitude EK Appx Package Dropping Magniber 2022-01-02
- Analyzing an IcedID Loader Document 2022-01-01
- Analyzing a Log4Shell log4j Exploit from Muhstik 2021-12-12
- Smarter, Not Harder: Getting Malware to Help You Analyze It 2021-09-05
- Analyzing an Empire macOS PKG Stager 2021-02-08
- How Qbot Uses Esentutl 2021-02-01