Template Injection Vector Maldoc Analysis

While in search of a new malware sample to interact with in my lab, I visited app.any.run. This is a site...

Venmo Phishing Deploying Keylogger via Discord’s CDN

A Venmo phishing email delivers an ISO file containing a VBScript downloader that retrieves additional malware components from Discord's CDN, leading to keylogging functionality on the infected system.

Emotet Makes Its Way to the Domain Controller

I decided to revisit the Emotet analysis after receiving some indications that the infection had made its way to my lab's Domain Controller.

Congratulations to my team for taking fifth place at Splunk's North America BOTS!